Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
FileZilla_3.67.1_win64_sponsored-setup.exe

Overview

General Information

Sample name:FileZilla_3.67.1_win64_sponsored-setup.exe
Analysis ID:1478260
MD5:ac97e64c3e2e865c50155dfdffe5428a
SHA1:d473e2d49e908e6d1abfa614c55bdae485508153
SHA256:6113a3f7c9469fcd9b53ea3ecb16bbefb71318af2864ae0a74a8fb633a05f24a
Infos:

Detection

Score:48
Range:0 - 100
Whitelisted:false
Confidence:100%

Compliance

Score:51
Range:0 - 100

Signatures

Multi AV Scanner detection for dropped file
Creates an autostart registry key pointing to binary in C:\Windows
Creates files in the system32 config directory
Creates multiple autostart registry keys
Detected potential unwanted application
Modifies Internet Explorer zone settings
Modifies Internet Explorer zonemap settings
Overwrites Mozilla Firefox settings
Sigma detected: Dot net compiler compiles file from suspicious location
Tries to harvest and steal browser information (history, passwords, etc)
Uses netsh to modify the Windows network and firewall settings
Writes a notice file (html or txt) to demand a ransom
Yara detected Generic Downloader
Adds / modifies Windows certificates
Allocates memory with a write watch (potentially for evading sandboxes)
Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)
Checks if the current process is being debugged
Compiles C# or VB.Net code
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Creates driver files
Creates files inside the driver directory
Creates files inside the system directory
Creates or modifies windows services
Deletes files inside the Windows folder
Drops PE files
Drops PE files to the windows directory (C:\Windows)
Drops certificate files (DER)
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
HTTP GET or POST without a user agent
IP address seen in connection with other malware
Is looking for software installed on the system
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
One or more processes crash
PE file contains an invalid checksum
PE file contains sections with non-standard names
PE file does not import any functions
Queries sensitive Operating System Information (via WMI, Win32_ComputerSystem, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Queries time zone information
Sample execution stops while process was sleeping (likely an evasion)
Sample file is different than original file name gathered from version info
Sigma detected: CurrentVersion Autorun Keys Modification
Sigma detected: IE Change Domain Zone
Stores files to the Windows start menu directory
Uses 32bit PE files

Classification

Process Tree

  • System is w10x64
  • FileZilla_3.67.1_win64_sponsored-setup.exe (PID: 2168 cmdline: "C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exe" MD5: AC97E64C3E2E865C50155DFDFFE5428A)
    • WcInstaller.exe (PID: 3684 cmdline: "C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exe" --silent --partner=FZ210427 --searchenbl MD5: CA94290A5FB89E0AAACBF01585718B17)
      • WebCompanionInstaller.exe (PID: 4648 cmdline: .\WebCompanionInstaller.exe --partner=FZ210427 --version=9.1.0.993 --silent --partner=FZ210427 --searchenbl MD5: 80619C0E2165AB0C217D4355461DA07D)
        • sc.exe (PID: 3828 cmdline: "sc.exe" Create "WCAssistantService" binPath= "C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe" DisplayName= "WC Assistant" start= auto MD5: D9D7684B8431A0D10D0E76FE9F5FFEC8)
          • conhost.exe (PID: 3404 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • sc.exe (PID: 7032 cmdline: "sc.exe" failure WCAssistantService reset= 30 actions= restart/60000 MD5: D9D7684B8431A0D10D0E76FE9F5FFEC8)
          • conhost.exe (PID: 6148 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • sc.exe (PID: 7044 cmdline: "sc.exe" description "WCAssistantService" "Ad-Aware Web Companion Internet security service" MD5: D9D7684B8431A0D10D0E76FE9F5FFEC8)
          • conhost.exe (PID: 4280 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • rundll32.exe (PID: 3652 cmdline: "C:\Windows\sysnative\RunDLL32.Exe" syssetup,SetupInfObjectInstallAction BootInstall 128 C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bddci.inf MD5: EF3179D498793BF4234F708D3BE28633)
          • runonce.exe (PID: 1532 cmdline: "C:\Windows\system32\runonce.exe" -r MD5: 9ADEF025B168447C1E8514D919CB5DC0)
            • grpconv.exe (PID: 4452 cmdline: "C:\Windows\System32\grpconv.exe" -o MD5: 8531882ACC33CB4BDC11B305A01581CE)
        • net.exe (PID: 4464 cmdline: "C:\Windows\sysnative\net.exe" start bddci MD5: 0BD94A338EEA5A4E1F2830AE326E6D19)
          • conhost.exe (PID: 5248 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
          • net1.exe (PID: 6552 cmdline: C:\Windows\system32\net1 start bddci MD5: 55693DF2BB3CBE2899DFDDF18B4EB8C9)
        • sc.exe (PID: 6148 cmdline: "sc.exe" Create "DCIService" binPath= "C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe" DisplayName= "DCIService" start= auto MD5: D9D7684B8431A0D10D0E76FE9F5FFEC8)
          • conhost.exe (PID: 6588 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • sc.exe (PID: 1668 cmdline: "sc.exe" description "DCIService" "Webprotection Bridge service" MD5: D9D7684B8431A0D10D0E76FE9F5FFEC8)
          • conhost.exe (PID: 6800 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • cmd.exe (PID: 3508 cmdline: "C:\Windows\System32\cmd.exe" /C "C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bridge_start.cmd" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
          • conhost.exe (PID: 568 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
          • sc.exe (PID: 1164 cmdline: sc start DCIService MD5: D9D7684B8431A0D10D0E76FE9F5FFEC8)
        • cmd.exe (PID: 3500 cmdline: "C:\Windows\System32\cmd.exe" /C netsh http add urlacl url=http://+:9007/ user=Everyone MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
          • conhost.exe (PID: 6896 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
          • netsh.exe (PID: 5948 cmdline: netsh http add urlacl url=http://+:9007/ user=Everyone MD5: 4E89A1A088BE715D6C946E55AB07C7DF)
        • WebCompanion.exe (PID: 632 cmdline: "C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" --silent --install --geo= --searchenbl MD5: 11CE0FC17BFCDCCF929515BD90455BAF)
          • csc.exe (PID: 3760 cmdline: "C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\rrd1gvmr.cmdline" MD5: 2B9482EB5D3AF71029277E18F6C656C0)
            • conhost.exe (PID: 3020 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
            • cvtres.exe (PID: 6996 cmdline: C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\user\AppData\Local\Temp\RES29AE.tmp" "c:\Users\user\AppData\Local\Temp\CSC299E.tmp" MD5: E118330B4629B12368D91B9DF6488BE0)
    • WerFault.exe (PID: 6680 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 2168 -s 2464 MD5: C31336C1EFC2CCB44B4326EA793040F2)
    • WerFault.exe (PID: 2748 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 2168 -s 2596 MD5: C31336C1EFC2CCB44B4326EA793040F2)
    • WerFault.exe (PID: 5588 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 2168 -s 1192 MD5: C31336C1EFC2CCB44B4326EA793040F2)
  • svchost.exe (PID: 2744 cmdline: C:\Windows\System32\svchost.exe -k WerSvcGroup MD5: B7F884C1B74A263F746EE12A5F7C9F6A)
    • WerFault.exe (PID: 636 cmdline: C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 2168 -ip 2168 MD5: C31336C1EFC2CCB44B4326EA793040F2)
    • WerFault.exe (PID: 5960 cmdline: C:\Windows\SysWOW64\WerFault.exe -pss -s 532 -p 2168 -ip 2168 MD5: C31336C1EFC2CCB44B4326EA793040F2)
    • WerFault.exe (PID: 7048 cmdline: C:\Windows\SysWOW64\WerFault.exe -pss -s 492 -p 2168 -ip 2168 MD5: C31336C1EFC2CCB44B4326EA793040F2)
  • svchost.exe (PID: 4508 cmdline: C:\Windows\system32\svchost.exe -k netsvcs -p -s wlidsvc MD5: B7F884C1B74A263F746EE12A5F7C9F6A)
  • svchost.exe (PID: 4700 cmdline: C:\Windows\System32\svchost.exe -k LocalService -p -s LicenseManager MD5: B7F884C1B74A263F746EE12A5F7C9F6A)
  • DCIService.exe (PID: 3348 cmdline: "C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe" MD5: 3827CA1C0EC114A29BB576BEF431F070)
  • Lavasoft.WCAssistant.WinService.exe (PID: 1888 cmdline: "C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe" MD5: 3442D7F43B57552DB02DD69C13F6E682)
    • cmd.exe (PID: 4268 cmdline: "C:\Windows\System32\cmd.exe" /C netsh http add urlacl url=http://+:9007/ user=Everyone MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
      • conhost.exe (PID: 1532 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • netsh.exe (PID: 1612 cmdline: netsh http add urlacl url=http://+:9007/ user=Everyone MD5: 6F1E6DD688818BC3D1391D0CC7D597EB)
  • WebCompanion.exe (PID: 7100 cmdline: "C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" --minimize MD5: 11CE0FC17BFCDCCF929515BD90455BAF)
    • csc.exe (PID: 5788 cmdline: "C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\i6uwqyh0.cmdline" MD5: 2B9482EB5D3AF71029277E18F6C656C0)
      • conhost.exe (PID: 4156 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • cvtres.exe (PID: 1452 cmdline: C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\user\AppData\Local\Temp\RES40C1.tmp" "c:\Users\user\AppData\Local\Temp\CSC40B0.tmp" MD5: E118330B4629B12368D91B9DF6488BE0)
  • WebCompanion.exe (PID: 2660 cmdline: "C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" --minimize MD5: 11CE0FC17BFCDCCF929515BD90455BAF)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

Dropped Files

SourceRuleDescriptionAuthorStrings
C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dllJoeSecurity_GenericDownloader_1Yara detected Generic DownloaderJoe Security
    C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dllJoeSecurity_GenericDownloader_1Yara detected Generic DownloaderJoe Security
      C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeJoeSecurity_GenericDownloader_1Yara detected Generic DownloaderJoe Security
        C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeJoeSecurity_GenericDownloader_1Yara detected Generic DownloaderJoe Security
          C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Search.exeJoeSecurity_GenericDownloader_1Yara detected Generic DownloaderJoe Security
            Click to see the 1 entries

            Sigma Signatures

            System Summary

            barindex
            Sigma detected: CurrentVersion Autorun Keys Modification
            Source: Registry Key setAuthor: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: grpconv -o, EventID: 13, EventType: SetValue, Image: C:\Windows\System32\rundll32.exe, ProcessId: 3652, TargetObject: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\GrpConv
            Sigma detected: IE Change Domain Zone
            Source: Registry Key setAuthor: frack113: Data: Details: 2, EventID: 13, EventType: SetValue, Image: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe, ProcessId: 4648, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\*
            Sigma detected: Dynamic CSharp Compile Artefact
            Source: File createdAuthor: frack113: Data: EventID: 11, Image: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe, ProcessId: 632, TargetFilename: C:\Users\user\AppData\Local\Temp\rrd1gvmr.cmdline
            Sigma detected: Modification of IE Registry Settings
            Source: Registry Key setAuthor: frack113: Data: Details: 3, EventID: 13, EventType: SetValue, Image: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe, ProcessId: 4648, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\2301
            Sigma detected: Net.exe Execution
            Source: Process startedAuthor: Michael Haag, Mark Woan (improvements), James Pemberton / @4A616D6573 / oscd.community (improvements): Data: Command: "C:\Windows\sysnative\net.exe" start bddci, CommandLine: "C:\Windows\sysnative\net.exe" start bddci, CommandLine|base64offset|contains: , Image: C:\Windows\System32\net.exe, NewProcessName: C:\Windows\System32\net.exe, OriginalFileName: C:\Windows\System32\net.exe, ParentCommandLine: .\WebCompanionInstaller.exe --partner=FZ210427 --version=9.1.0.993 --silent --partner=FZ210427 --searchenbl, ParentImage: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe, ParentProcessId: 4648, ParentProcessName: WebCompanionInstaller.exe, ProcessCommandLine: "C:\Windows\sysnative\net.exe" start bddci, ProcessId: 4464, ProcessName: net.exe
            Sigma detected: New Service Creation Using Sc.EXE
            Source: Process startedAuthor: Timur Zinniatullin, Daniil Yugoslavskiy, oscd.community: Data: Command: "sc.exe" Create "WCAssistantService" binPath= "C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe" DisplayName= "WC Assistant" start= auto, CommandLine: "sc.exe" Create "WCAssistantService" binPath= "C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe" DisplayName= "WC Assistant" start= auto, CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\sc.exe, NewProcessName: C:\Windows\SysWOW64\sc.exe, OriginalFileName: C:\Windows\SysWOW64\sc.exe, ParentCommandLine: .\WebCompanionInstaller.exe --partner=FZ210427 --version=9.1.0.993 --silent --partner=FZ210427 --searchenbl, ParentImage: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe, ParentProcessId: 4648, ParentProcessName: WebCompanionInstaller.exe, ProcessCommandLine: "sc.exe" Create "WCAssistantService" binPath= "C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe" DisplayName= "WC Assistant" start= auto, ProcessId: 3828, ProcessName: sc.exe
            Sigma detected: Start Windows Service Via Net.EXE
            Source: Process startedAuthor: Timur Zinniatullin, Daniil Yugoslavskiy, oscd.community: Data: Command: "C:\Windows\sysnative\net.exe" start bddci, CommandLine: "C:\Windows\sysnative\net.exe" start bddci, CommandLine|base64offset|contains: , Image: C:\Windows\System32\net.exe, NewProcessName: C:\Windows\System32\net.exe, OriginalFileName: C:\Windows\System32\net.exe, ParentCommandLine: .\WebCompanionInstaller.exe --partner=FZ210427 --version=9.1.0.993 --silent --partner=FZ210427 --searchenbl, ParentImage: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe, ParentProcessId: 4648, ParentProcessName: WebCompanionInstaller.exe, ProcessCommandLine: "C:\Windows\sysnative\net.exe" start bddci, ProcessId: 4464, ProcessName: net.exe
            Sigma detected: Windows Processes Suspicious Parent Directory
            Source: Process startedAuthor: vburov: Data: Command: C:\Windows\System32\svchost.exe -k WerSvcGroup, CommandLine: C:\Windows\System32\svchost.exe -k WerSvcGroup, CommandLine|base64offset|contains: , Image: C:\Windows\System32\svchost.exe, NewProcessName: C:\Windows\System32\svchost.exe, OriginalFileName: C:\Windows\System32\svchost.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 624, ProcessCommandLine: C:\Windows\System32\svchost.exe -k WerSvcGroup, ProcessId: 2744, ProcessName: svchost.exe

            Data Obfuscation

            barindex
            Sigma detected: Dot net compiler compiles file from suspicious location
            Source: Process startedAuthor: Joe Security: Data: Command: "C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\rrd1gvmr.cmdline", CommandLine: "C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\rrd1gvmr.cmdline", CommandLine|base64offset|contains: zw, Image: C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe, NewProcessName: C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe, OriginalFileName: C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe, ParentCommandLine: "C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" --silent --install --geo= --searchenbl , ParentImage: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe, ParentProcessId: 632, ParentProcessName: WebCompanion.exe, ProcessCommandLine: "C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\rrd1gvmr.cmdline", ProcessId: 3760, ProcessName: csc.exe

            Snort Signatures

            No Snort rule has matched

            Suricata Signatures

            Timestamp:2024-07-22T12:52:20.710966+0200
            SID:2849740
            Source Port:49767
            Destination Port:443
            Protocol:TCP
            Classtype:Possibly Unwanted Program Detected
            Timestamp:2024-07-22T12:52:10.230018+0200
            SID:2849740
            Source Port:49756
            Destination Port:443
            Protocol:TCP
            Classtype:Possibly Unwanted Program Detected
            Timestamp:2024-07-22T12:52:13.276896+0200
            SID:2849740
            Source Port:49760
            Destination Port:443
            Protocol:TCP
            Classtype:Possibly Unwanted Program Detected
            Timestamp:2024-07-22T12:52:09.448983+0200
            SID:2849740
            Source Port:49753
            Destination Port:443
            Protocol:TCP
            Classtype:Possibly Unwanted Program Detected
            Timestamp:2024-07-22T12:52:16.623558+0200
            SID:2849740
            Source Port:49764
            Destination Port:443
            Protocol:TCP
            Classtype:Possibly Unwanted Program Detected
            Timestamp:2024-07-22T12:52:14.819899+0200
            SID:2849740
            Source Port:49762
            Destination Port:443
            Protocol:TCP
            Classtype:Possibly Unwanted Program Detected
            Timestamp:2024-07-22T12:53:34.014772+0200
            SID:2849740
            Source Port:49775
            Destination Port:443
            Protocol:TCP
            Classtype:Possibly Unwanted Program Detected
            Timestamp:2024-07-22T12:51:59.048344+0200
            SID:2849740
            Source Port:49748
            Destination Port:443
            Protocol:TCP
            Classtype:Possibly Unwanted Program Detected
            Timestamp:2024-07-22T12:52:12.515625+0200
            SID:2849740
            Source Port:49759
            Destination Port:443
            Protocol:TCP
            Classtype:Possibly Unwanted Program Detected
            Timestamp:2024-07-22T12:52:10.988342+0200
            SID:2849740
            Source Port:49757
            Destination Port:443
            Protocol:TCP
            Classtype:Possibly Unwanted Program Detected
            Timestamp:2024-07-22T12:52:18.083826+0200
            SID:2849740
            Source Port:49766
            Destination Port:443
            Protocol:TCP
            Classtype:Possibly Unwanted Program Detected
            Timestamp:2024-07-22T12:53:28.888202+0200
            SID:2849740
            Source Port:49770
            Destination Port:443
            Protocol:TCP
            Classtype:Possibly Unwanted Program Detected
            Timestamp:2024-07-22T12:53:35.223095+0200
            SID:2849740
            Source Port:49779
            Destination Port:443
            Protocol:TCP
            Classtype:Possibly Unwanted Program Detected
            Timestamp:2024-07-22T12:52:15.652589+0200
            SID:2849740
            Source Port:49763
            Destination Port:443
            Protocol:TCP
            Classtype:Possibly Unwanted Program Detected
            Timestamp:2024-07-22T12:52:17.325088+0200
            SID:2849740
            Source Port:49765
            Destination Port:443
            Protocol:TCP
            Classtype:Possibly Unwanted Program Detected
            Timestamp:2024-07-22T12:52:14.168629+0200
            SID:2849740
            Source Port:49761
            Destination Port:443
            Protocol:TCP
            Classtype:Possibly Unwanted Program Detected
            Timestamp:2024-07-22T12:52:11.790870+0200
            SID:2849740
            Source Port:49758
            Destination Port:443
            Protocol:TCP
            Classtype:Possibly Unwanted Program Detected
            Timestamp:2024-07-22T12:51:49.871551+0200
            SID:2849740
            Source Port:49741
            Destination Port:443
            Protocol:TCP
            Classtype:Possibly Unwanted Program Detected

            Joe Sandbox Signatures

            Click to jump to signature section

            Show All Signature Results

            AV Detection

            barindex
            Multi AV Scanner detection for dropped file
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionInstaller.exeReversingLabs: Detection: 13%
            Source: DCIService.exe, 00000025.00000002.3291601212.00007FF66326A000.00000002.00000001.01000000.00000015.sdmpBinary or memory string: -----BEGIN PUBLIC KEY-----memstr_2e19cebf-3

            Compliance

            barindex
            Uses 32bit PE files
            Source: FileZilla_3.67.1_win64_sponsored-setup.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
            Found installer window with terms and condition text
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeWindow detected: I &AgreeCancelNullsoft Install System v3.09 Nullsoft Install System v3.09License AgreementPlease review the license terms before installing FileZilla Client 3.67.1.Press Page Down to see the rest of the agreement. GNU GENERAL PUBLIC LICENSE Version 2 June 1991 Copyright (C) 1989 1991 Free Software Foundation Inc. 59 Temple Place Suite 330 Boston MA 02111-1307 USA Everyone is permitted to copy and distribute verbatim copies of this license document but changing it is not allowed. Preamble The licenses for most software are designed to take away yourfreedom to share and change it. By contrast the GNU General PublicLicense is intended to guarantee your freedom to share and change freesoftware--to make sure the software is free for all its users. ThisGeneral Public License applies to most of the Free SoftwareFoundation's software and to any other program whose authors commit tousing it. (Some other Free Software Foundation software is covered bythe GNU Library General Public License instead.) You can apply it toyour programs too. When we speak of free software we are referring to freedom notprice. Our General Public Licenses are designed to make sure that youhave the freedom to distribute copies of free software (and charge forthis service if you wish) that you receive source code or can get itif you want it that you can change the software or use pieces of itin new free programs; and that you know you can do these things. To protect your rights we need to make restrictions that forbidanyone to deny you these rights or to ask you to surrender the rights.These restrictions translate to certain responsibilities for you if youdistribute copies of the software or if you modify it. For example if you distribute copies of such a program whethergratis or for a fee you must give the recipients all the rights thatyou have. You must make sure that they too receive or can get thesource code. And you must show them these terms so they know theirrights. We protect your rights with two steps: (1) copyright the software and(2) offer you this license which gives you legal permission to copydistribute and/or modify the software. Also for each author's protection and ours we want to make certainthat everyone understands that there is no warranty for this freesoftware. If the software is modified by someone else and passed on wewant its recipients to know that what they have is not the original sothat any problems introduced by others will not reflect on the originalauthors' reputations. Finally any free program is threatened constantly by softwarepatents. We wish to avoid the danger that redistributors of a freeprogram will individually obtain patent licenses in effect making theprogram proprietary. To prevent this we have made it clear that anypatent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying distribution andmodification follow. GNU GENERAL PUBLIC LICEN
            Creates install or setup log file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Users\user\AppData\Local\Temp\WcInstaller.logJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\ProgramData\Lavasoft\Web Companion\Options\install.txtJump to behavior
            PE / OLE file has a valid certificate
            Source: FileZilla_3.67.1_win64_sponsored-setup.exeStatic PE information: certificate valid
            Uses new MSVCR Dlls
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile opened: C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9672_none_d08f9da24428a513\MSVCR80.dllJump to behavior
            Uses secure TLS version for HTTPS connections
            Source: unknownHTTPS traffic detected: 49.12.121.47:443 -> 192.168.2.8:49707 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.19.208.152:443 -> 192.168.2.8:49709 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.19.159.224:443 -> 192.168.2.8:49729 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.16.149.130:443 -> 192.168.2.8:49735 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.16.149.130:443 -> 192.168.2.8:49736 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.16.149.130:443 -> 192.168.2.8:49741 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.16.149.130:443 -> 192.168.2.8:49753 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.16.149.130:443 -> 192.168.2.8:49770 version: TLS 1.2
            Contains modern PE file flags such as dynamic base (ASLR) or NX
            Source: FileZilla_3.67.1_win64_sponsored-setup.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
            Binary contains paths to debug symbols
            Source: Binary string: d:\agent\_work\2\s\\binaries\amd64ret\bin\amd64\\msvcp140.amd64.pdb source: DCIService.exe, 00000025.00000002.3296074480.00007FFBC1B85000.00000002.00000001.01000000.00000016.sdmp
            Source: Binary string: c:\Projects\WebCompanion\Common\SearchProtect.Service.Logger\obj\Debug\Lavasoft.WCAssistant.Service.Logger.pdb source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3303358857.000000001AC02000.00000002.00000001.01000000.00000041.sdmp
            Source: Binary string: sav.pdba source: DCIService.exe, 00000025.00000002.3295595677.00007FFBC1AB2000.00000002.00000001.01000000.0000001B.sdmp, sav.dll0.8.dr
            Source: Binary string: C:\Windows\dll\System.ServiceProcess.pdbPro source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3288927631.00000000014C6000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: -Nk0/C:\Users\user\AppData\Local\Temp\vcbtw7fm.pdb source: WebCompanion.exe, 00000038.00000002.3292238601.0000000003770000.00000004.00000800.00020000.00000000.sdmp
            Source: Binary string: http.pdb source: DCIService.exe, 00000025.00000002.3294925946.00007FFBB4F9C000.00000002.00000001.01000000.0000001C.sdmp
            Source: Binary string: ucrtbase.pdb source: ucrtbase.dll0.8.dr
            Source: Binary string: api-ms-win-core-file-l1-2-0.pdb source: api-ms-win-core-file-l1-2-0.dll.8.dr
            Source: Binary string: ftp.pdb source: DCIService.exe, 00000025.00000002.3295132465.00007FFBB5C1E000.00000002.00000001.01000000.00000021.sdmp
            Source: Binary string: d:\agent\_work\9\s\\binaries\x86ret\bin\i386\vccorlib140.i386.pdbGCTL source: vccorlib140.dll.8.dr
            Source: Binary string: D:\Bamboo\home\xml-data\build-dir\OEMSDK-OHDS-SOURCES\bin\Win32\Release\bddcihttp.pdbx source: bddcihttp.dll0.8.dr
            Source: Binary string: c:\dev\sqlite\dotnet\obj\2008\Release\System.Data.SQLite.pdb source: WebCompanion.exe, 00000033.00000002.3361794418.0000000008BD2000.00000002.00000001.01000000.00000039.sdmp, System.Data.SQLite.dll.8.dr
            Source: Binary string: api-ms-win-core-sysinfo-l1-1-0.pdb source: api-ms-win-core-sysinfo-l1-1-0.dll0.8.dr
            Source: Binary string: E:\builds\DCI-BDDCI345-ISV_new\bin\x64\Release\bddci.pdb source: rundll32.exe, 00000015.00000003.2051248912.000001BAE0484000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: C:\Windows\symbols\dll\System.ServiceProcess.pdb8f0 source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3288927631.00000000014C6000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: C:\Projects\WebCompanion\Common\SearchProtect.WcfService\obj\Debug\Lavasoft.WCAssistant.WcfService.pdbT source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3304199031.000000001AC22000.00000002.00000001.01000000.00000042.sdmp
            Source: Binary string: D:\Projects\Adaware\webcompanion\Common\Lavasoft.Utils\obj\x86\Debug\Lavasoft.Utils.pdb source: WebCompanion.exe, 00000038.00000002.3321152714.0000000006092000.00000002.00000001.01000000.00000028.sdmp
            Source: Binary string: -Nk0/C:\Users\user\AppData\Local\Temp\vcbtw7fm.pdb\ source: WebCompanion.exe, 00000038.00000002.3292238601.0000000003649000.00000004.00000800.00020000.00000000.sdmp
            Source: Binary string: C:\Windows\TEMP\drone-kwRqivJrrmmjgcRp\drone\src\DCIService\Release\DCIService.pdb source: DCIService.exe0.8.dr
            Source: Binary string: D:\Projects\Adaware\webcompanion\Common\Lavasoft.Events\obj\x86\Debug\Lavasoft.Events.pdb source: WebCompanion.exe, 00000038.00000002.3322211980.00000000060E2000.00000002.00000001.01000000.00000029.sdmp
            Source: Binary string: api-ms-win-core-heap-l1-1-0.pdb source: api-ms-win-core-heap-l1-1-0.dll.8.dr
            Source: Binary string: smb.pdb source: DCIService.exe, 00000025.00000002.3293877845.00007FFBAB969000.00000002.00000001.01000000.0000001E.sdmp
            Source: Binary string: api-ms-win-core-synch-l1-1-0.pdb source: api-ms-win-core-synch-l1-1-0.dll.8.dr
            Source: Binary string: c:\Projects\WebCompanion\Common\Lavasoft.Utils.SqlLite\obj\x86\Debug\Lavasoft.Utils.SqlLite.pdb source: WebCompanion.exe, 00000033.00000002.3361690161.0000000008BB2000.00000002.00000001.01000000.00000038.sdmp
            Source: Binary string: c:\dev\sqlite\dotnet\obj\2008\Release\System.Data.SQLite.pdbX. source: WebCompanion.exe, 00000033.00000002.3361794418.0000000008BD2000.00000002.00000001.01000000.00000039.sdmp, System.Data.SQLite.dll.8.dr
            Source: Binary string: c:\Windows\Temp\drone-ITnqm7dmUCKa46Dt\drone\src\WebCompanion\Companion.UI\obj\x86\Debug\WebCompanion.pdb source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp
            Source: Binary string: d:\agent\_work\2\s\\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb source: DCIService.exe, 00000025.00000002.3295923966.00007FFBC1B20000.00000002.00000001.01000000.00000017.sdmp
            Source: Binary string: api-ms-win-core-processthreads-l1-1-0.pdb source: api-ms-win-core-processthreads-l1-1-0.dll0.8.dr
            Source: Binary string: ws\System.ServiceProcess.pdbpdbess.pdb source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3288927631.00000000014C6000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: D:\Bamboo\home\xml-data\build-dir\OEMSDK-OHDS-SOURCES\bin\x64\Release\bddcihttp.pdbu source: DCIService.exe, 00000025.00000002.3292995652.00007FFBAAE5D000.00000002.00000001.01000000.00000019.sdmp
            Source: Binary string: api-ms-win-crt-private-l1-1-0.pdb source: api-ms-win-crt-private-l1-1-0.dll0.8.dr
            Source: Binary string: api-ms-win-core-file-l1-1-0.pdb source: api-ms-win-core-file-l1-1-0.dll.8.dr
            Source: Binary string: E:\builds\DCI-BDDCI345-ISV_new\bin\x64\Release\bddci_core.pdb source: DCIService.exe, 00000025.00000002.3292399816.00007FFBAAC40000.00000002.00000001.01000000.0000001A.sdmp
            Source: Binary string: C:\SourceCode\TFS\MozCompressor\Debug\MozCompressor.pdb source: WebCompanion.exe, 00000033.00000002.3371693950.000000000B635000.00000002.00000001.01000000.00000031.sdmp
            Source: Binary string: C:\Windows\System.ServiceProcess.pdbiles (x22 source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3288927631.00000000014C6000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: smtp.pdb source: DCIService.exe, 00000025.00000002.3295439090.00007FFBC1A1E000.00000002.00000001.01000000.0000001F.sdmp
            Source: Binary string: c:\Windows\Temp\drone-ITnqm7dmUCKa46Dt\drone\src\WebCompanion\Companion.UI\obj\x86\Debug\WebCompanion.pdb` source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp
            Source: Binary string: c:\Windows\Temp\drone-ITnqm7dmUCKa46Dt\drone\src\WebCompanion\Lavasoft.matcher\obj\Debug\Lavasoft.adblocker.pdb source: WebCompanion.exe, 00000033.00000002.3360658612.0000000008802000.00000002.00000001.01000000.0000003C.sdmp
            Source: Binary string: vcruntime140d.i386.pdb source: WebCompanion.exe, 00000033.00000002.3402091526.000000006E6C1000.00000020.00000001.01000000.00000032.sdmp
            Source: Binary string: ucrtbase.pdbUGP source: ucrtbase.dll0.8.dr
            Source: Binary string: compiler: cl /Zi /Fdossl_static.pdb /MT /Zl /Gs0 /GF /Gy /W3 /wd4090 /nologo /O2 -DL_ENDIAN -DOPENSSL_PIC source: DCIService.exe, 00000025.00000002.3291601212.00007FF66326A000.00000002.00000001.01000000.00000015.sdmp, DCIService.exe, 00000025.00000000.2258404445.00007FF66326A000.00000002.00000001.01000000.00000015.sdmp, DCIService.exe0.8.dr
            Source: Binary string: bittorrent.pdb source: DCIService.exe, 00000025.00000002.3294656207.00007FFBB4C4B000.00000002.00000001.01000000.00000022.sdmp
            Source: Binary string: ssl.pdb source: DCIService.exe, 00000025.00000002.3294176146.00007FFBAB9A8000.00000002.00000001.01000000.0000001D.sdmp
            Source: Binary string: C:\Projects\WebCompanion\Common\SearchProtect.WcfService\obj\Debug\Lavasoft.WCAssistant.WcfService.pdb source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3304199031.000000001AC22000.00000002.00000001.01000000.00000042.sdmp
            Source: Binary string: rpc.pdb source: DCIService.exe, 00000025.00000002.3294409297.00007FFBB189B000.00000002.00000001.01000000.00000023.sdmp, rpc.dll0.8.dr
            Source: Binary string: C:\Windows\TEMP\drone-kwRqivJrrmmjgcRp\drone\src\DCIService\x64\Release\DCIService.pdb source: DCIService.exe, 00000025.00000002.3291601212.00007FF66326A000.00000002.00000001.01000000.00000015.sdmp, DCIService.exe, 00000025.00000000.2258404445.00007FF66326A000.00000002.00000001.01000000.00000015.sdmp
            Source: Binary string: erviceProcess.pdb source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3288927631.00000000014C6000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: d:\agent\_work\2\s\\binaries\amd64ret\bin\amd64\\msvcp140_1.amd64.pdb source: msvcp140_1.dll0.8.dr
            Source: Binary string: c:\Windows\Temp\drone-ITnqm7dmUCKa46Dt\drone\src\WebCompanion\Lavasoft.matcher\obj\Debug\Lavasoft.adblocker.pdbp source: WebCompanion.exe, 00000033.00000002.3360658612.0000000008802000.00000002.00000001.01000000.0000003C.sdmp
            Source: Binary string: api-ms-win-core-processenvironment-l1-1-0.pdb source: api-ms-win-core-processenvironment-l1-1-0.dll0.8.dr
            Source: Binary string: c:\Windows\Temp\drone-ITnqm7dmUCKa46Dt\drone\src\WebCompanion\Installer\WebCompanionInstaller\obj\Release\WebCompanionInstaller.pdb source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmp
            Source: Binary string: ?crypto\stack\stack.ccompiler: cl /Zi /Fdossl_static.pdb /MT /Zl /Gs0 /GF /Gy /W3 /wd4090 /nologo /O2 -DL_ENDIAN -DOPENSSL_PICcrypto\ex_data.c source: DCIService.exe0.8.dr
            Source: Binary string: C:\Projects\WebCompanion\Common\SearchProtect.WinService\obj\Debug\Lavasoft.WCAssistant.WinService.pdb source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000000.2382563063.0000000000F42000.00000002.00000001.01000000.00000036.sdmp
            Source: Binary string: D:\Projects\Adaware\webcompanion\Common\SearchProtect.Business\obj\x86\Debug\Lavasoft.SearchProtect.Business.pdb source: WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmp
            Source: Binary string: c:\Projects\WebCompanion\Common\Lavasoft.Compression\obj\x86\Debug\Lavasoft.Compression.pdb source: WebCompanion.exe, 00000033.00000002.3368956526.000000000B302000.00000002.00000001.01000000.00000030.sdmp
            Source: Binary string: api-ms-win-core-localization-l1-2-0.pdb source: api-ms-win-core-localization-l1-2-0.dll0.8.dr
            Source: Binary string: pop3.pdb source: DCIService.exe, 00000025.00000002.3295280426.00007FFBBC28C000.00000002.00000001.01000000.00000020.sdmp
            Source: Binary string: C:\BuildDependencies\WebCompanion993\WebCompanionExtensionIE\Debug\WebCompanionExtensionIE.pdbG source: WebCompanionExtensionIE.dll.8.dr
            Source: Binary string: D:\Bamboo\home\xml-data\build-dir\OEMSDK-OHDS-SOURCES\bin\Win32\Release\bddcihttp.pdb source: bddcihttp.dll0.8.dr
            Source: Binary string: sav.pdb source: DCIService.exe, 00000025.00000002.3295595677.00007FFBC1AB2000.00000002.00000001.01000000.0000001B.sdmp, sav.dll0.8.dr
            Source: Binary string: c:\Projects\WebCompanion\Common\Lavasoft.Utils.SqlLite\obj\x86\Debug\Lavasoft.Utils.SqlLite.pdb <>< 0<_CorDllMainmscoree.dll source: WebCompanion.exe, 00000033.00000002.3361690161.0000000008BB2000.00000002.00000001.01000000.00000038.sdmp
            Source: Binary string: api-ms-win-crt-multibyte-l1-1-0.pdb source: api-ms-win-crt-multibyte-l1-1-0.dll.8.dr
            Source: Binary string: crypto\stack\stack.ccompiler: cl /Zi /Fdossl_static.pdb /MT /Zl /Gs0 /GF /Gy /W3 /wd4090 /nologo /O2 -DL_ENDIAN -DOPENSSL_PICcrypto\ex_data.c source: DCIService.exe, 00000025.00000002.3291601212.00007FF66326A000.00000002.00000001.01000000.00000015.sdmp, DCIService.exe, 00000025.00000000.2258404445.00007FF66326A000.00000002.00000001.01000000.00000015.sdmp
            Source: Binary string: E:\builds\DCI-BDDCI345-ISV_new\bin\x64\Release\bddci_core.pdbJ source: DCIService.exe, 00000025.00000002.3292399816.00007FFBAAC40000.00000002.00000001.01000000.0000001A.sdmp
            Source: Binary string: api-ms-win-core-rtlsupport-l1-1-0.pdb source: api-ms-win-core-rtlsupport-l1-1-0.dll.8.dr, api-ms-win-core-rtlsupport-l1-1-0.dll0.8.dr
            Source: Binary string: api-ms-win-core-timezone-l1-1-0.pdb source: api-ms-win-core-timezone-l1-1-0.dll0.8.dr
            Source: Binary string: d:\agent\_work\2\s\\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdb source: DCIService.exe, 00000025.00000002.3295822591.00007FFBC1B05000.00000002.00000001.01000000.00000018.sdmp
            Source: Binary string: c:\dev\sqlite\dotnet\bin\2008\Win32\ReleaseNativeOnlyStatic\SQLite.Interop.pdb`: source: WebCompanion.exe, 00000033.00000002.3397980922.0000000065B48000.00000002.00000001.01000000.0000003A.sdmp
            Source: Binary string: lsa.pdb source: DCIService.exe, 00000025.00000002.3293537075.00007FFBAB93B000.00000002.00000001.01000000.00000024.sdmp
            Source: Binary string: c:\Temp\Release\Working\Newtonsoft.Json\Src\Newtonsoft.Json\obj\Release\Newtonsoft.Json.pdb source: WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3325261328.0000000007C42000.00000002.00000001.01000000.00000012.sdmp, Newtonsoft.Json.dll.8.dr
            Source: Binary string: vcruntime140d.i386.pdb+++ source: WebCompanion.exe, 00000033.00000002.3402091526.000000006E6C1000.00000020.00000001.01000000.00000032.sdmp
            Source: Binary string: C:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.pdbping source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3288927631.00000000014C6000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: C:\BuildDependencies\WebCompanion993\WebCompanionExtensionIE\Debug\WebCompanionExtensionIE.pdb source: WebCompanionExtensionIE.dll.8.dr
            Source: Binary string: D:\Bamboo\home\xml-data\build-dir\OEMSDK-OHDS-SOURCES\bin\x64\Release\bddcihttp.pdb source: DCIService.exe, 00000025.00000002.3292995652.00007FFBAAE5D000.00000002.00000001.01000000.00000019.sdmp
            Source: Binary string: ucrtbased.pdb source: WebCompanion.exe, 00000033.00000002.3398528396.000000006D411000.00000020.00000001.01000000.00000034.sdmp
            Source: Binary string: ressor.pdb source: WebCompanion.exe, 00000033.00000002.3339218992.0000000005AE0000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: d:\agent\_work\9\s\\binaries\x86ret\bin\i386\vccorlib140.i386.pdb source: vccorlib140.dll.8.dr
            Source: Binary string: c:\dev\sqlite\dotnet\bin\2008\Win32\ReleaseNativeOnlyStatic\SQLite.Interop.pdb source: WebCompanion.exe, 00000033.00000002.3397980922.0000000065B48000.00000002.00000001.01000000.0000003A.sdmp
            Source: Binary string: c:\Windows\Temp\drone-ITnqm7dmUCKa46Dt\drone\src\WebCompanion\Lavasoft.AppCore\obj\Debug\Lavasoft.AppCore.pdb source: WebCompanion.exe, 00000038.00000002.3318646981.0000000005BF2000.00000002.00000001.01000000.00000027.sdmp
            Source: C:\Windows\SysWOW64\WerFault.exeFile opened: C:\ProgramData\Microsoft\Windows\WER\ReportQueue\
            Source: C:\Windows\SysWOW64\WerFault.exeFile opened: C:\ProgramData\Microsoft\Windows\
            Source: C:\Windows\SysWOW64\WerFault.exeFile opened: C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_FileZilla_3.67.1_b1d8707dd0e8f07444e01fbbc66cc7db671646f_d9daa34f_9e265d0b-d67d-4520-ac21-f891b6f9980f\
            Source: C:\Windows\SysWOW64\WerFault.exeFile opened: C:\ProgramData\Microsoft\Windows\WER\
            Source: C:\Windows\SysWOW64\WerFault.exeFile opened: C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_FileZilla_3.67.1_a7d39bd21e76c0e123ab695c2fcb1a3cdab88d_d9daa34f_fdbed2e1-2b91-43ac-8441-9af887df1af0\
            Source: C:\Windows\SysWOW64\WerFault.exeFile opened: C:\ProgramData\Microsoft\Windows\WER\ReportQueue

            Networking

            barindex
            Yara detected Generic Downloader
            Source: Yara matchFile source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll, type: DROPPED
            Source: Yara matchFile source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll, type: DROPPED
            Source: Yara matchFile source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe, type: DROPPED
            Source: Yara matchFile source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe, type: DROPPED
            Source: Yara matchFile source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Search.exe, type: DROPPED
            Source: Yara matchFile source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionInstaller.exe, type: DROPPED
            Source: global trafficHTTP traffic detected: GET /notifications/download/rt/dci/latest/Webprotection.zip HTTP/1.1Host: rt.webcompanion.comConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /api/v2/url/blacklist HTTP/1.1Host: acs.lavasoft.comConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /urlblacklist.json HTTP/1.1Host: acscdn.lavasoft.comConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /api/v2/url/permanentwhitelist HTTP/1.1Host: acs.lavasoft.com
            Source: global trafficHTTP traffic detected: GET /permanentUrlWhitelist.json HTTP/1.1Host: acscdn.lavasoft.com
            Source: global trafficHTTP traffic detected: POST /v1/event-stat?Type=Launch&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 303Connection: Keep-Alive
            Source: global trafficHTTP traffic detected: POST /v1/event-stat?Type=NanoBrowser&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 1648
            Source: global trafficHTTP traffic detected: POST /v1/event-stat?Type=ValidateMicrotargeting&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 678Connection: Keep-Alive
            Source: global trafficHTTP traffic detected: POST /v1/event-stat?Type=FeatureActionInfo&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 510
            Source: global trafficHTTP traffic detected: POST /v1/event-stat?Type=FeatureActionInfo&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 925
            Source: global trafficHTTP traffic detected: POST /v1/event-stat?Type=FeatureActionInfo&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 527
            Source: global trafficHTTP traffic detected: POST /v1/event-stat?Type=FeatureActionInfo&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 513
            Source: global trafficHTTP traffic detected: POST /v1/event-stat?Type=FeatureActionInfo&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 506
            Source: global trafficHTTP traffic detected: POST /v1/event-stat?Type=FeatureActionInfo&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 1052
            Source: global trafficHTTP traffic detected: POST /v1/event-stat?Type=FeatureActionInfo&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 509
            Source: global trafficHTTP traffic detected: POST /v1/event-stat?Type=FeatureActionInfo&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 504
            Source: global trafficHTTP traffic detected: POST /v1/event-stat?Type=FeatureActionInfo&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 1225
            Source: global trafficHTTP traffic detected: POST /v1/event-stat?Type=DialogShow&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 352
            Source: global trafficHTTP traffic detected: POST /v1/event-stat?Type=DialogShow&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 353
            Source: global trafficHTTP traffic detected: POST /v1/event-stat?Type=UIOpen&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 304
            Source: global trafficHTTP traffic detected: POST /v1/event-stat?Type=Launch&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 308Connection: Keep-Alive
            Source: global trafficHTTP traffic detected: POST /v1/event-stat?Type=UIOpen&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 304Connection: Keep-Alive
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 538Connection: Keep-Alive
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 413
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 419
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 397
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 389
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 391
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 406
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 422
            Source: global trafficHTTP traffic detected: POST /update.asmx HTTP/1.1Content-Type: text/xml; charset=utf-8SOAPAction: "http://tempuri.org/GetComponentsVersionInfo"Host: wc-update-service.lavasoft.comContent-Length: 280Connection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /9.1.0.993/WebCompanion-9.1.0.993-prod.zip HTTP/1.1Host: wcdownloadercdn.lavasoft.comConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 448
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 422
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 427
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 438
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 422
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 425
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 420
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 397
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 397
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 418
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 414
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 457
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 470
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 464
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 434
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 458
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 459
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 442
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 453
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 452
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 452
            Source: global trafficHTTP traffic detected: GET /notifications/download/rt/ActiveFeatures.zip HTTP/1.1Host: rt.webcompanion.comConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /notifications/download/rt/ActiveFeatures.zip HTTP/1.1Host: rt.webcompanion.com
            Source: global trafficHTTP traffic detected: GET /Partner.svc/GetPartnerInfo?partner=FZ210427 HTTP/1.1Host: wc-partners.lavasoft.comConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /Partner.svc/GetPartnerInfo?partner=FZ210427_wb HTTP/1.1Host: wc-partners.lavasoft.com
            Source: global trafficHTTP traffic detected: GET /Partner.svc/GetPartnerInfo?partner=FZ210427_ab HTTP/1.1Host: wc-partners.lavasoft.com
            Source: global trafficHTTP traffic detected: GET /Partner.svc/GetPartnerInfo?partner=FZ210427_ac HTTP/1.1Host: wc-partners.lavasoft.com
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=FirstRun&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 265Connection: Keep-Alive
            Source: global trafficHTTP traffic detected: POST /ipservice.asmx HTTP/1.1Content-Type: text/xml; charset=utf-8SOAPAction: "http://lavasoft.com/GetLocation"Host: wsgeoip.lavasoft.comContent-Length: 236Connection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /version_logs?json=true&version=9.1.0.993 HTTP/1.1Host: webcompanion.comConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /notifications/download/rt/ActiveFeatures.zip HTTP/1.1Host: rt.webcompanion.comConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /notifications/download/rt/ActiveFeatures.zip HTTP/1.1Host: rt.webcompanion.com
            Source: global trafficHTTP traffic detected: POST /components.asmx HTTP/1.1Content-Type: text/xml; charset=utf-8SOAPAction: "http://tempuri.org/GetComponentsInfo"Host: wc-update-service.lavasoft.comContent-Length: 342Connection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /version_logs?json=true&version=9.1.0.993 HTTP/1.1Host: webcompanion.comConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /notifications/download/rt/ActiveFeatures.zip HTTP/1.1Host: rt.webcompanion.comConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /notifications/download/rt/ActiveFeatures.zip HTTP/1.1Host: rt.webcompanion.com
            Source: global trafficHTTP traffic detected: GET /notifications/download/rt/postrun/prod/v1/FeatureActions.zip HTTP/1.1Host: rt.webcompanion.com
            Source: global trafficHTTP traffic detected: POST /components.asmx HTTP/1.1Content-Type: text/xml; charset=utf-8SOAPAction: "http://tempuri.org/GetComponentsInfo"Host: wc-update-service.lavasoft.comContent-Length: 342Connection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /version_logs?json=true&version=9.1.0.993 HTTP/1.1Host: webcompanion.comConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 584
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 447Connection: Keep-Alive
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 569
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=CompleteInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 349
            Source: global trafficHTTP traffic detected: POST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 465
            Source: global trafficHTTP traffic detected: GET /notifications/download/rt/ActiveFeatures.zip HTTP/1.1Host: rt.webcompanion.comConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /notifications/download/rt/ActiveFeatures.zip HTTP/1.1Host: rt.webcompanion.com
            Source: global trafficHTTP traffic detected: POST /components.asmx HTTP/1.1Content-Type: text/xml; charset=utf-8SOAPAction: "http://tempuri.org/GetComponentsInfo"Host: wc-update-service.lavasoft.comContent-Length: 342Connection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /version_logs?json=true&version=9.1.0.993 HTTP/1.1Host: webcompanion.comConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /notifications/download/rt/ActiveFeatures.zip HTTP/1.1Host: rt.webcompanion.comConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: POST /components.asmx HTTP/1.1Content-Type: text/xml; charset=utf-8SOAPAction: "http://tempuri.org/GetComponentsInfo"Host: wc-update-service.lavasoft.comContent-Length: 342Connection: Keep-Alive
            Source: Joe Sandbox ViewIP Address: 64.18.87.4 64.18.87.4
            Source: Joe Sandbox ViewIP Address: 64.18.87.82 64.18.87.82
            Source: Joe Sandbox ViewIP Address: 64.18.87.82 64.18.87.82
            Source: Joe Sandbox ViewJA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e
            Source: Joe Sandbox ViewJA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Mon, 22 Jul 2024 10:50:44 GMTContent-Type: application/zipContent-Length: 12024981Connection: keep-aliveETag: "1474771251"Last-Modified: Fri, 24 Nov 2023 19:05:15 GMTCF-Cache-Status: HITAge: 1042Expires: Mon, 22 Jul 2024 14:50:44 GMTCache-Control: public, max-age=14400Accept-Ranges: bytesServer: cloudflareCF-RAY: 8a72df1a0d520f74-EWRData Raw: 50 4b 03 04 14 00 00 00 08 00 27 2d 78 57 0a 72 2c 2d 67 46 03 00 d8 24 07 00 13 00 00 00 41 70 70 6c 69 63 61 74 69 6f 6e 2f 37 7a 61 2e 65 78 65 ec bd 79 78 54 45 d6 38 7c 7b 49 d2 59 48 27 40 43 58 c4 56 5b 8d 84 25 43 50 93 34 68 5f d2 4d 6e 43 47 40 44 51 a3 a0 68 0b ae 18 fa 86 20 8b 60 27 be e9 5c 5b 1d c5 19 75 1c c7 79 67 9c cf 19 97 51 47 59 5c bb 13 c8 c2 be b8 b0 8c 8a 7b 85 16 64 91 10 b6 dc ef 9c 53 b7 b7 10 a2 cf f7 fc 7e ff 7d 79 9e f4 dd aa 4e 9d 3a 75 ea d4 a9 53 a7 4e 55 dc f4 a4 60 10 04 c1 08 ff aa 2a 08 6b 04 fe e7 10 7e fd 8f c1 7f f6 f9 ef 65 0b ef a4 6f be 60 8d ce b3 f9 82 eb e6 ce 5b 60 9d 5f f5 c0 5d 55 b7 dd 67 9d 73 db fd f7 3f e0 b3 de 7e a7 b5 4a be df 3a ef 7e ab 73 ca 74 eb 7d 0f dc 71 e7 a8 3e 7d 32 6c 1a 8c f3 87 dd dd 75 f3 c3 c6 d7 a3 ff 23 bf 59 f4 fa 4d 74 7d f8 f5 a9 f4 2e e5 f5 36 7a be fb f5 1c ba ce 7b fd 3a b8 3a be 79 5e 4b 57 a3 5d 97 d0 f5 da 79 73 e6 22 9c ee b8 4e 75 09 c2 1d 8f a6 08 f3 bf bf ef a6 e8 bb 43 c2 45 42 a6 de 24 08 cd 50 fb 6b f4 f4 2e a7 0d ee 73 12 28 80 f7 7a 4e 1f fc 4b 11 f4 1a 81 d2 e8 e5 a2 e7 d2 90 7e 2b b4 4c b1 cb d9 cf 49 b7 82 f3 f1 54 a1 06 6f 0a d3 84 1c 6c 80 6d a9 c2 cc 59 70 3d 92 2a ec 1a 23 fc 7f ff db 67 14 72 8c e7 fe 3c ca 77 67 8d 0f ae 19 eb b4 7a 62 dd bb a5 b7 0a c2 ec 51 55 77 dc e6 bb 4d 10 3a de d3 11 4c e1 03 b8 6e 48 4e 08 14 72 8c e2 c9 84 5d 23 e0 e7 a5 54 41 00 72 0a 8f a6 76 4f 17 1a 35 9f 27 a4 3a 42 5d 85 d9 70 7d 3c f5 6c 78 55 0b aa e6 20 ad 0c 9c 36 84 db c1 b3 d3 09 ff ff df ff 91 3f 69 fa 8c eb 6f 10 af 13 67 88 d7 8b 37 48 fe 9f f2 25 45 5f b4 b7 42 e9 0c dc 64 f2 06 f2 dc 8a 20 06 66 e2 5d c9 8d 26 49 d9 ef 51 da 9d 0d 47 95 53 d5 0f 78 94 6f dd 8a 4b 10 cd ab c7 1a bd fe 2e ab 2f 15 7e d3 e5 14 67 e9 51 5f 19 dc 5e 28 a7 c3 ad 68 5e d9 1c b9 44 71 99 4a 5c 59 32 00 d8 cc ee 19 26 08 ca 0c b8 ad 10 bc 81 b1 d3 d4 46 6f 60 e8 b4 c0 0c 93 d2 a8 b6 b8 fd eb f4 a2 7d a9 a9 ea e5 88 39 38 45 27 05 fb 4b 6e 65 2b 63 17 08 82 fd 94 f9 99 90 e4 5f 97 2f ce 12 6f 15 6f 11 2b 67 dd 7a cb cd 4d 9b 36 11 fe 84 f7 1c 44 f0 44 dd 5e 49 39 ea 1b 21 85 7f 30 48 4a 9a e4 3f 68 f2 37 a9 92 32 22 55 aa 3b e0 cb c5 52 59 1b b0 3d 62 12 86 6b dd 5e 79 97 a4 98 11 30 02 6c 7f 1d de 6d 2a 0a d5 eb a4 80 68 0a 88 39 01 b1 bf a4 84 b1 9c 80 c7 66 9a 0e 05 15 4a 2d 4e 9b b5 4b 55 01 ea ee a2 90 14 48 48 da 22 e6 a9 f8 c1 1f b6 b2 59 83 04 e1 49 29 38 b9 90 3d 73 3e de 29 4d 50 48 21 a2 4c 7f d2 0c 80 65 05 8a 02 4a 0e c8 60 62 63 28 e7 3a eb 2d 4d 3d 7d b7 b2 f7 76 18 04 fe 3d b1 ce 39 b1 3a 8f e4 75 2e 37 f5 58 e9 4f cc bc Data Ascii: PK'-xWr,-gF$Application/
            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Mon, 22 Jul 2024 10:51:47 GMTContent-Type: application/zipContent-Length: 17770Connection: keep-aliveETag: "1817264281"Last-Modified: Mon, 17 Jun 2024 14:26:00 GMTCF-Cache-Status: HITAge: 236Expires: Mon, 22 Jul 2024 14:51:47 GMTCache-Control: public, max-age=14400Accept-Ranges: bytesServer: cloudflareCF-RAY: 8a72e0a61c308ce6-EWRData Raw: 50 4b 03 04 14 00 01 00 08 00 3a 3d 41 58 37 5c 92 30 c0 44 00 00 72 cc 04 00 12 00 00 00 41 63 74 69 76 65 46 65 61 74 75 72 65 73 2e 74 78 74 a0 9b 2b 93 83 40 fc 73 6a 70 bb 23 a6 14 85 19 db 7f 9e 92 13 c4 c9 4b 31 fb 85 fc 04 d8 12 02 3b 04 ac 2f 2d a7 ef 1b ac a6 c7 02 06 b4 5b a6 5b 13 0e 41 d0 84 42 9e c4 12 82 c4 65 78 71 e8 aa bd c0 29 37 0e 92 20 37 3a 5e 80 b9 ea 89 67 13 4b 20 f3 b5 94 21 69 16 62 55 a7 56 c8 73 d6 98 fb 8e 87 4f 24 76 37 7c 65 5c b2 1b 8e b9 80 ec 57 ff e0 e4 27 f3 f8 a6 5a fd 64 76 65 55 2a 6f f6 52 a0 08 3e a0 25 15 8b a9 77 8c c3 ec 24 f2 2d 3b af 9d 9b 51 9b 18 ac bc 34 19 54 96 8c 06 fa 06 ee c4 66 24 01 2b 54 a6 24 df 26 9d 51 3f 39 c3 e6 99 06 23 22 f6 36 3e fd a1 dd d3 fd e7 0c c4 ee 30 c1 10 eb 15 6f 83 40 da df 9f 6a f9 28 cc 2a 69 29 08 48 22 1d 42 8d 0c 31 60 e4 3d a8 cd 26 30 96 ac 49 38 43 c3 52 9f a5 ce 22 79 e3 be 0a 9e 01 63 4d 37 97 67 e4 fb 80 e3 09 fa be ab d9 9e 5c 40 05 91 01 0d 38 db e2 06 78 94 45 0d 03 34 8b 82 1d 53 dc 7c 49 81 9f 81 18 1d 79 79 37 13 18 7e 02 86 25 57 3f 1b 37 21 4a ab c5 68 8c 72 66 a5 c6 64 42 aa 5e 4f 51 22 9e 49 44 47 c4 05 fd fd 21 6f de 2b 89 5e 36 1c 56 1d 12 bb 59 b6 a7 36 8c 10 be 3c fc c8 ea f7 dc 77 fa 4e 0e 4e 08 c3 50 a2 b7 50 32 80 d6 b2 f9 5c 81 3f df 97 ff fc a6 9f 45 cd 59 00 5e 98 6a df a0 06 ac b4 8d c3 05 3e 69 fe 5b 98 70 60 8f 4c 5f fd 1a a8 73 c7 58 71 98 3e 23 7e d1 c3 6e 59 e4 0f a4 f7 d3 3e 4c e3 4f 39 72 87 ff 83 a9 73 41 9e 99 53 81 2b cb 67 9b 35 1e 46 42 14 19 69 ee ad 71 99 c1 67 9d 55 66 ea 7b bb 12 2a 76 c9 42 55 a8 07 42 71 e0 cd 0a f9 54 70 b6 f9 f6 4b fe 46 3b 2f 85 ac db 06 cb f7 d9 af bf 5b bd 26 57 49 41 50 d9 de 75 fa 53 8e cb 2d 26 76 a7 33 d8 21 f9 c2 e0 59 27 05 62 4d ce b7 e8 6c 88 e0 d1 7b 5b 3a 98 d6 35 a5 73 90 97 56 0e 85 00 4c 33 01 6f 6d de c2 bd a5 fb c1 fb 09 0e 37 bf 27 e3 b3 aa 4f 34 de 27 28 56 23 ea c3 e5 a0 3a 5c 95 0f d6 d0 03 00 ef 84 23 01 15 f9 e4 c8 56 85 4f c0 4f 26 3c 00 c0 b2 73 84 7d 59 e1 64 f7 7c 18 c0 3c 50 e5 0e b3 40 03 da 8c 8e 6a 89 4d 25 c8 4f 08 08 35 f2 9a fc 1e db 6c 48 01 73 5e 53 59 66 61 b1 8c 43 44 44 9b 96 ed 15 77 9e 19 56 18 a0 7f de 89 ba 1f 0f 13 63 45 f4 38 16 7e 63 45 54 4c d2 cb 30 83 59 d8 49 45 64 40 87 9d 2e d1 5f 50 df 85 51 86 fa 7e 77 c6 07 5c 66 41 b8 54 85 a2 a7 c1 37 4b e5 89 69 b4 de 79 77 71 7c d4 f8 fd 7f e1 14 dd c8 2b 1d 23 09 94 db 5d e5 a6 4e 9e 9e c3 88 e9 97 82 19 02 22 9d 3e 86 28 b0 89 41 10 9e f7 ac 30 b5 62 1d 55 2d a1 6c 9d 44 d4 81 ec 4d 23 ae 45 54 98 13 91 0a 59 61 ba db 8a dd 10 2d 68 d7 12 7d aa 65 f0 70 95 8e ae 3c 29 c4 c0 fd Data Ascii: PK:=AX7\0DrActi
            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Mon, 22 Jul 2024 10:51:48 GMTContent-Type: application/zipContent-Length: 17770Connection: keep-aliveETag: "1817264281"Last-Modified: Mon, 17 Jun 2024 14:26:00 GMTCF-Cache-Status: HITAge: 237Expires: Mon, 22 Jul 2024 14:51:48 GMTCache-Control: public, max-age=14400Accept-Ranges: bytesServer: cloudflareCF-RAY: 8a72e0a90e1f8ce6-EWRData Raw: 50 4b 03 04 14 00 01 00 08 00 3a 3d 41 58 37 5c 92 30 c0 44 00 00 72 cc 04 00 12 00 00 00 41 63 74 69 76 65 46 65 61 74 75 72 65 73 2e 74 78 74 a0 9b 2b 93 83 40 fc 73 6a 70 bb 23 a6 14 85 19 db 7f 9e 92 13 c4 c9 4b 31 fb 85 fc 04 d8 12 02 3b 04 ac 2f 2d a7 ef 1b ac a6 c7 02 06 b4 5b a6 5b 13 0e 41 d0 84 42 9e c4 12 82 c4 65 78 71 e8 aa bd c0 29 37 0e 92 20 37 3a 5e 80 b9 ea 89 67 13 4b 20 f3 b5 94 21 69 16 62 55 a7 56 c8 73 d6 98 fb 8e 87 4f 24 76 37 7c 65 5c b2 1b 8e b9 80 ec 57 ff e0 e4 27 f3 f8 a6 5a fd 64 76 65 55 2a 6f f6 52 a0 08 3e a0 25 15 8b a9 77 8c c3 ec 24 f2 2d 3b af 9d 9b 51 9b 18 ac bc 34 19 54 96 8c 06 fa 06 ee c4 66 24 01 2b 54 a6 24 df 26 9d 51 3f 39 c3 e6 99 06 23 22 f6 36 3e fd a1 dd d3 fd e7 0c c4 ee 30 c1 10 eb 15 6f 83 40 da df 9f 6a f9 28 cc 2a 69 29 08 48 22 1d 42 8d 0c 31 60 e4 3d a8 cd 26 30 96 ac 49 38 43 c3 52 9f a5 ce 22 79 e3 be 0a 9e 01 63 4d 37 97 67 e4 fb 80 e3 09 fa be ab d9 9e 5c 40 05 91 01 0d 38 db e2 06 78 94 45 0d 03 34 8b 82 1d 53 dc 7c 49 81 9f 81 18 1d 79 79 37 13 18 7e 02 86 25 57 3f 1b 37 21 4a ab c5 68 8c 72 66 a5 c6 64 42 aa 5e 4f 51 22 9e 49 44 47 c4 05 fd fd 21 6f de 2b 89 5e 36 1c 56 1d 12 bb 59 b6 a7 36 8c 10 be 3c fc c8 ea f7 dc 77 fa 4e 0e 4e 08 c3 50 a2 b7 50 32 80 d6 b2 f9 5c 81 3f df 97 ff fc a6 9f 45 cd 59 00 5e 98 6a df a0 06 ac b4 8d c3 05 3e 69 fe 5b 98 70 60 8f 4c 5f fd 1a a8 73 c7 58 71 98 3e 23 7e d1 c3 6e 59 e4 0f a4 f7 d3 3e 4c e3 4f 39 72 87 ff 83 a9 73 41 9e 99 53 81 2b cb 67 9b 35 1e 46 42 14 19 69 ee ad 71 99 c1 67 9d 55 66 ea 7b bb 12 2a 76 c9 42 55 a8 07 42 71 e0 cd 0a f9 54 70 b6 f9 f6 4b fe 46 3b 2f 85 ac db 06 cb f7 d9 af bf 5b bd 26 57 49 41 50 d9 de 75 fa 53 8e cb 2d 26 76 a7 33 d8 21 f9 c2 e0 59 27 05 62 4d ce b7 e8 6c 88 e0 d1 7b 5b 3a 98 d6 35 a5 73 90 97 56 0e 85 00 4c 33 01 6f 6d de c2 bd a5 fb c1 fb 09 0e 37 bf 27 e3 b3 aa 4f 34 de 27 28 56 23 ea c3 e5 a0 3a 5c 95 0f d6 d0 03 00 ef 84 23 01 15 f9 e4 c8 56 85 4f c0 4f 26 3c 00 c0 b2 73 84 7d 59 e1 64 f7 7c 18 c0 3c 50 e5 0e b3 40 03 da 8c 8e 6a 89 4d 25 c8 4f 08 08 35 f2 9a fc 1e db 6c 48 01 73 5e 53 59 66 61 b1 8c 43 44 44 9b 96 ed 15 77 9e 19 56 18 a0 7f de 89 ba 1f 0f 13 63 45 f4 38 16 7e 63 45 54 4c d2 cb 30 83 59 d8 49 45 64 40 87 9d 2e d1 5f 50 df 85 51 86 fa 7e 77 c6 07 5c 66 41 b8 54 85 a2 a7 c1 37 4b e5 89 69 b4 de 79 77 71 7c d4 f8 fd 7f e1 14 dd c8 2b 1d 23 09 94 db 5d e5 a6 4e 9e 9e c3 88 e9 97 82 19 02 22 9d 3e 86 28 b0 89 41 10 9e f7 ac 30 b5 62 1d 55 2d a1 6c 9d 44 d4 81 ec 4d 23 ae 45 54 98 13 91 0a 59 61 ba db 8a dd 10 2d 68 d7 12 7d aa 65 f0 70 95 8e ae 3c 29 c4 c0 fd Data Ascii: PK:=AX7\0DrActi
            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Mon, 22 Jul 2024 10:51:59 GMTContent-Type: application/zipContent-Length: 17770Connection: keep-aliveETag: "1817264281"Last-Modified: Mon, 17 Jun 2024 14:26:00 GMTCF-Cache-Status: HITAge: 248Expires: Mon, 22 Jul 2024 14:51:59 GMTCache-Control: public, max-age=14400Accept-Ranges: bytesServer: cloudflareCF-RAY: 8a72e0ee3964189d-EWRData Raw: 50 4b 03 04 14 00 01 00 08 00 3a 3d 41 58 37 5c 92 30 c0 44 00 00 72 cc 04 00 12 00 00 00 41 63 74 69 76 65 46 65 61 74 75 72 65 73 2e 74 78 74 a0 9b 2b 93 83 40 fc 73 6a 70 bb 23 a6 14 85 19 db 7f 9e 92 13 c4 c9 4b 31 fb 85 fc 04 d8 12 02 3b 04 ac 2f 2d a7 ef 1b ac a6 c7 02 06 b4 5b a6 5b 13 0e 41 d0 84 42 9e c4 12 82 c4 65 78 71 e8 aa bd c0 29 37 0e 92 20 37 3a 5e 80 b9 ea 89 67 13 4b 20 f3 b5 94 21 69 16 62 55 a7 56 c8 73 d6 98 fb 8e 87 4f 24 76 37 7c 65 5c b2 1b 8e b9 80 ec 57 ff e0 e4 27 f3 f8 a6 5a fd 64 76 65 55 2a 6f f6 52 a0 08 3e a0 25 15 8b a9 77 8c c3 ec 24 f2 2d 3b af 9d 9b 51 9b 18 ac bc 34 19 54 96 8c 06 fa 06 ee c4 66 24 01 2b 54 a6 24 df 26 9d 51 3f 39 c3 e6 99 06 23 22 f6 36 3e fd a1 dd d3 fd e7 0c c4 ee 30 c1 10 eb 15 6f 83 40 da df 9f 6a f9 28 cc 2a 69 29 08 48 22 1d 42 8d 0c 31 60 e4 3d a8 cd 26 30 96 ac 49 38 43 c3 52 9f a5 ce 22 79 e3 be 0a 9e 01 63 4d 37 97 67 e4 fb 80 e3 09 fa be ab d9 9e 5c 40 05 91 01 0d 38 db e2 06 78 94 45 0d 03 34 8b 82 1d 53 dc 7c 49 81 9f 81 18 1d 79 79 37 13 18 7e 02 86 25 57 3f 1b 37 21 4a ab c5 68 8c 72 66 a5 c6 64 42 aa 5e 4f 51 22 9e 49 44 47 c4 05 fd fd 21 6f de 2b 89 5e 36 1c 56 1d 12 bb 59 b6 a7 36 8c 10 be 3c fc c8 ea f7 dc 77 fa 4e 0e 4e 08 c3 50 a2 b7 50 32 80 d6 b2 f9 5c 81 3f df 97 ff fc a6 9f 45 cd 59 00 5e 98 6a df a0 06 ac b4 8d c3 05 3e 69 fe 5b 98 70 60 8f 4c 5f fd 1a a8 73 c7 58 71 98 3e 23 7e d1 c3 6e 59 e4 0f a4 f7 d3 3e 4c e3 4f 39 72 87 ff 83 a9 73 41 9e 99 53 81 2b cb 67 9b 35 1e 46 42 14 19 69 ee ad 71 99 c1 67 9d 55 66 ea 7b bb 12 2a 76 c9 42 55 a8 07 42 71 e0 cd 0a f9 54 70 b6 f9 f6 4b fe 46 3b 2f 85 ac db 06 cb f7 d9 af bf 5b bd 26 57 49 41 50 d9 de 75 fa 53 8e cb 2d 26 76 a7 33 d8 21 f9 c2 e0 59 27 05 62 4d ce b7 e8 6c 88 e0 d1 7b 5b 3a 98 d6 35 a5 73 90 97 56 0e 85 00 4c 33 01 6f 6d de c2 bd a5 fb c1 fb 09 0e 37 bf 27 e3 b3 aa 4f 34 de 27 28 56 23 ea c3 e5 a0 3a 5c 95 0f d6 d0 03 00 ef 84 23 01 15 f9 e4 c8 56 85 4f c0 4f 26 3c 00 c0 b2 73 84 7d 59 e1 64 f7 7c 18 c0 3c 50 e5 0e b3 40 03 da 8c 8e 6a 89 4d 25 c8 4f 08 08 35 f2 9a fc 1e db 6c 48 01 73 5e 53 59 66 61 b1 8c 43 44 44 9b 96 ed 15 77 9e 19 56 18 a0 7f de 89 ba 1f 0f 13 63 45 f4 38 16 7e 63 45 54 4c d2 cb 30 83 59 d8 49 45 64 40 87 9d 2e d1 5f 50 df 85 51 86 fa 7e 77 c6 07 5c 66 41 b8 54 85 a2 a7 c1 37 4b e5 89 69 b4 de 79 77 71 7c d4 f8 fd 7f e1 14 dd c8 2b 1d 23 09 94 db 5d e5 a6 4e 9e 9e c3 88 e9 97 82 19 02 22 9d 3e 86 28 b0 89 41 10 9e f7 ac 30 b5 62 1d 55 2d a1 6c 9d 44 d4 81 ec 4d 23 ae 45 54 98 13 91 0a 59 61 ba db 8a dd 10 2d 68 d7 12 7d aa 65 f0 70 95 8e ae 3c 29 c4 c0 fd Data Ascii: PK:=AX7\0DrActi
            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Mon, 22 Jul 2024 10:51:59 GMTContent-Type: application/zipContent-Length: 17770Connection: keep-aliveETag: "1817264281"Last-Modified: Mon, 17 Jun 2024 14:26:00 GMTCF-Cache-Status: HITAge: 248Expires: Mon, 22 Jul 2024 14:51:59 GMTCache-Control: public, max-age=14400Accept-Ranges: bytesServer: cloudflareCF-RAY: 8a72e0f0caa6189d-EWRData Raw: 50 4b 03 04 14 00 01 00 08 00 3a 3d 41 58 37 5c 92 30 c0 44 00 00 72 cc 04 00 12 00 00 00 41 63 74 69 76 65 46 65 61 74 75 72 65 73 2e 74 78 74 a0 9b 2b 93 83 40 fc 73 6a 70 bb 23 a6 14 85 19 db 7f 9e 92 13 c4 c9 4b 31 fb 85 fc 04 d8 12 02 3b 04 ac 2f 2d a7 ef 1b ac a6 c7 02 06 b4 5b a6 5b 13 0e 41 d0 84 42 9e c4 12 82 c4 65 78 71 e8 aa bd c0 29 37 0e 92 20 37 3a 5e 80 b9 ea 89 67 13 4b 20 f3 b5 94 21 69 16 62 55 a7 56 c8 73 d6 98 fb 8e 87 4f 24 76 37 7c 65 5c b2 1b 8e b9 80 ec 57 ff e0 e4 27 f3 f8 a6 5a fd 64 76 65 55 2a 6f f6 52 a0 08 3e a0 25 15 8b a9 77 8c c3 ec 24 f2 2d 3b af 9d 9b 51 9b 18 ac bc 34 19 54 96 8c 06 fa 06 ee c4 66 24 01 2b 54 a6 24 df 26 9d 51 3f 39 c3 e6 99 06 23 22 f6 36 3e fd a1 dd d3 fd e7 0c c4 ee 30 c1 10 eb 15 6f 83 40 da df 9f 6a f9 28 cc 2a 69 29 08 48 22 1d 42 8d 0c 31 60 e4 3d a8 cd 26 30 96 ac 49 38 43 c3 52 9f a5 ce 22 79 e3 be 0a 9e 01 63 4d 37 97 67 e4 fb 80 e3 09 fa be ab d9 9e 5c 40 05 91 01 0d 38 db e2 06 78 94 45 0d 03 34 8b 82 1d 53 dc 7c 49 81 9f 81 18 1d 79 79 37 13 18 7e 02 86 25 57 3f 1b 37 21 4a ab c5 68 8c 72 66 a5 c6 64 42 aa 5e 4f 51 22 9e 49 44 47 c4 05 fd fd 21 6f de 2b 89 5e 36 1c 56 1d 12 bb 59 b6 a7 36 8c 10 be 3c fc c8 ea f7 dc 77 fa 4e 0e 4e 08 c3 50 a2 b7 50 32 80 d6 b2 f9 5c 81 3f df 97 ff fc a6 9f 45 cd 59 00 5e 98 6a df a0 06 ac b4 8d c3 05 3e 69 fe 5b 98 70 60 8f 4c 5f fd 1a a8 73 c7 58 71 98 3e 23 7e d1 c3 6e 59 e4 0f a4 f7 d3 3e 4c e3 4f 39 72 87 ff 83 a9 73 41 9e 99 53 81 2b cb 67 9b 35 1e 46 42 14 19 69 ee ad 71 99 c1 67 9d 55 66 ea 7b bb 12 2a 76 c9 42 55 a8 07 42 71 e0 cd 0a f9 54 70 b6 f9 f6 4b fe 46 3b 2f 85 ac db 06 cb f7 d9 af bf 5b bd 26 57 49 41 50 d9 de 75 fa 53 8e cb 2d 26 76 a7 33 d8 21 f9 c2 e0 59 27 05 62 4d ce b7 e8 6c 88 e0 d1 7b 5b 3a 98 d6 35 a5 73 90 97 56 0e 85 00 4c 33 01 6f 6d de c2 bd a5 fb c1 fb 09 0e 37 bf 27 e3 b3 aa 4f 34 de 27 28 56 23 ea c3 e5 a0 3a 5c 95 0f d6 d0 03 00 ef 84 23 01 15 f9 e4 c8 56 85 4f c0 4f 26 3c 00 c0 b2 73 84 7d 59 e1 64 f7 7c 18 c0 3c 50 e5 0e b3 40 03 da 8c 8e 6a 89 4d 25 c8 4f 08 08 35 f2 9a fc 1e db 6c 48 01 73 5e 53 59 66 61 b1 8c 43 44 44 9b 96 ed 15 77 9e 19 56 18 a0 7f de 89 ba 1f 0f 13 63 45 f4 38 16 7e 63 45 54 4c d2 cb 30 83 59 d8 49 45 64 40 87 9d 2e d1 5f 50 df 85 51 86 fa 7e 77 c6 07 5c 66 41 b8 54 85 a2 a7 c1 37 4b e5 89 69 b4 de 79 77 71 7c d4 f8 fd 7f e1 14 dd c8 2b 1d 23 09 94 db 5d e5 a6 4e 9e 9e c3 88 e9 97 82 19 02 22 9d 3e 86 28 b0 89 41 10 9e f7 ac 30 b5 62 1d 55 2d a1 6c 9d 44 d4 81 ec 4d 23 ae 45 54 98 13 91 0a 59 61 ba db 8a dd 10 2d 68 d7 12 7d aa 65 f0 70 95 8e ae 3c 29 c4 c0 fd Data Ascii: PK:=AX7\0DrActi
            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Mon, 22 Jul 2024 10:52:06 GMTContent-Type: application/zipContent-Length: 17770Connection: keep-aliveETag: "1817264281"Last-Modified: Mon, 17 Jun 2024 14:26:00 GMTCF-Cache-Status: HITAge: 255Expires: Mon, 22 Jul 2024 14:52:06 GMTCache-Control: public, max-age=14400Accept-Ranges: bytesServer: cloudflareCF-RAY: 8a72e11e79b00f81-EWRData Raw: 50 4b 03 04 14 00 01 00 08 00 3a 3d 41 58 37 5c 92 30 c0 44 00 00 72 cc 04 00 12 00 00 00 41 63 74 69 76 65 46 65 61 74 75 72 65 73 2e 74 78 74 a0 9b 2b 93 83 40 fc 73 6a 70 bb 23 a6 14 85 19 db 7f 9e 92 13 c4 c9 4b 31 fb 85 fc 04 d8 12 02 3b 04 ac 2f 2d a7 ef 1b ac a6 c7 02 06 b4 5b a6 5b 13 0e 41 d0 84 42 9e c4 12 82 c4 65 78 71 e8 aa bd c0 29 37 0e 92 20 37 3a 5e 80 b9 ea 89 67 13 4b 20 f3 b5 94 21 69 16 62 55 a7 56 c8 73 d6 98 fb 8e 87 4f 24 76 37 7c 65 5c b2 1b 8e b9 80 ec 57 ff e0 e4 27 f3 f8 a6 5a fd 64 76 65 55 2a 6f f6 52 a0 08 3e a0 25 15 8b a9 77 8c c3 ec 24 f2 2d 3b af 9d 9b 51 9b 18 ac bc 34 19 54 96 8c 06 fa 06 ee c4 66 24 01 2b 54 a6 24 df 26 9d 51 3f 39 c3 e6 99 06 23 22 f6 36 3e fd a1 dd d3 fd e7 0c c4 ee 30 c1 10 eb 15 6f 83 40 da df 9f 6a f9 28 cc 2a 69 29 08 48 22 1d 42 8d 0c 31 60 e4 3d a8 cd 26 30 96 ac 49 38 43 c3 52 9f a5 ce 22 79 e3 be 0a 9e 01 63 4d 37 97 67 e4 fb 80 e3 09 fa be ab d9 9e 5c 40 05 91 01 0d 38 db e2 06 78 94 45 0d 03 34 8b 82 1d 53 dc 7c 49 81 9f 81 18 1d 79 79 37 13 18 7e 02 86 25 57 3f 1b 37 21 4a ab c5 68 8c 72 66 a5 c6 64 42 aa 5e 4f 51 22 9e 49 44 47 c4 05 fd fd 21 6f de 2b 89 5e 36 1c 56 1d 12 bb 59 b6 a7 36 8c 10 be 3c fc c8 ea f7 dc 77 fa 4e 0e 4e 08 c3 50 a2 b7 50 32 80 d6 b2 f9 5c 81 3f df 97 ff fc a6 9f 45 cd 59 00 5e 98 6a df a0 06 ac b4 8d c3 05 3e 69 fe 5b 98 70 60 8f 4c 5f fd 1a a8 73 c7 58 71 98 3e 23 7e d1 c3 6e 59 e4 0f a4 f7 d3 3e 4c e3 4f 39 72 87 ff 83 a9 73 41 9e 99 53 81 2b cb 67 9b 35 1e 46 42 14 19 69 ee ad 71 99 c1 67 9d 55 66 ea 7b bb 12 2a 76 c9 42 55 a8 07 42 71 e0 cd 0a f9 54 70 b6 f9 f6 4b fe 46 3b 2f 85 ac db 06 cb f7 d9 af bf 5b bd 26 57 49 41 50 d9 de 75 fa 53 8e cb 2d 26 76 a7 33 d8 21 f9 c2 e0 59 27 05 62 4d ce b7 e8 6c 88 e0 d1 7b 5b 3a 98 d6 35 a5 73 90 97 56 0e 85 00 4c 33 01 6f 6d de c2 bd a5 fb c1 fb 09 0e 37 bf 27 e3 b3 aa 4f 34 de 27 28 56 23 ea c3 e5 a0 3a 5c 95 0f d6 d0 03 00 ef 84 23 01 15 f9 e4 c8 56 85 4f c0 4f 26 3c 00 c0 b2 73 84 7d 59 e1 64 f7 7c 18 c0 3c 50 e5 0e b3 40 03 da 8c 8e 6a 89 4d 25 c8 4f 08 08 35 f2 9a fc 1e db 6c 48 01 73 5e 53 59 66 61 b1 8c 43 44 44 9b 96 ed 15 77 9e 19 56 18 a0 7f de 89 ba 1f 0f 13 63 45 f4 38 16 7e 63 45 54 4c d2 cb 30 83 59 d8 49 45 64 40 87 9d 2e d1 5f 50 df 85 51 86 fa 7e 77 c6 07 5c 66 41 b8 54 85 a2 a7 c1 37 4b e5 89 69 b4 de 79 77 71 7c d4 f8 fd 7f e1 14 dd c8 2b 1d 23 09 94 db 5d e5 a6 4e 9e 9e c3 88 e9 97 82 19 02 22 9d 3e 86 28 b0 89 41 10 9e f7 ac 30 b5 62 1d 55 2d a1 6c 9d 44 d4 81 ec 4d 23 ae 45 54 98 13 91 0a 59 61 ba db 8a dd 10 2d 68 d7 12 7d aa 65 f0 70 95 8e ae 3c 29 c4 c0 fd Data Ascii: PK:=AX7\0DrActi
            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Mon, 22 Jul 2024 10:52:07 GMTContent-Type: application/zipContent-Length: 17770Connection: keep-aliveETag: "1817264281"Last-Modified: Mon, 17 Jun 2024 14:26:00 GMTCF-Cache-Status: HITAge: 256Expires: Mon, 22 Jul 2024 14:52:07 GMTCache-Control: public, max-age=14400Accept-Ranges: bytesServer: cloudflareCF-RAY: 8a72e1215b5a0f81-EWRData Raw: 50 4b 03 04 14 00 01 00 08 00 3a 3d 41 58 37 5c 92 30 c0 44 00 00 72 cc 04 00 12 00 00 00 41 63 74 69 76 65 46 65 61 74 75 72 65 73 2e 74 78 74 a0 9b 2b 93 83 40 fc 73 6a 70 bb 23 a6 14 85 19 db 7f 9e 92 13 c4 c9 4b 31 fb 85 fc 04 d8 12 02 3b 04 ac 2f 2d a7 ef 1b ac a6 c7 02 06 b4 5b a6 5b 13 0e 41 d0 84 42 9e c4 12 82 c4 65 78 71 e8 aa bd c0 29 37 0e 92 20 37 3a 5e 80 b9 ea 89 67 13 4b 20 f3 b5 94 21 69 16 62 55 a7 56 c8 73 d6 98 fb 8e 87 4f 24 76 37 7c 65 5c b2 1b 8e b9 80 ec 57 ff e0 e4 27 f3 f8 a6 5a fd 64 76 65 55 2a 6f f6 52 a0 08 3e a0 25 15 8b a9 77 8c c3 ec 24 f2 2d 3b af 9d 9b 51 9b 18 ac bc 34 19 54 96 8c 06 fa 06 ee c4 66 24 01 2b 54 a6 24 df 26 9d 51 3f 39 c3 e6 99 06 23 22 f6 36 3e fd a1 dd d3 fd e7 0c c4 ee 30 c1 10 eb 15 6f 83 40 da df 9f 6a f9 28 cc 2a 69 29 08 48 22 1d 42 8d 0c 31 60 e4 3d a8 cd 26 30 96 ac 49 38 43 c3 52 9f a5 ce 22 79 e3 be 0a 9e 01 63 4d 37 97 67 e4 fb 80 e3 09 fa be ab d9 9e 5c 40 05 91 01 0d 38 db e2 06 78 94 45 0d 03 34 8b 82 1d 53 dc 7c 49 81 9f 81 18 1d 79 79 37 13 18 7e 02 86 25 57 3f 1b 37 21 4a ab c5 68 8c 72 66 a5 c6 64 42 aa 5e 4f 51 22 9e 49 44 47 c4 05 fd fd 21 6f de 2b 89 5e 36 1c 56 1d 12 bb 59 b6 a7 36 8c 10 be 3c fc c8 ea f7 dc 77 fa 4e 0e 4e 08 c3 50 a2 b7 50 32 80 d6 b2 f9 5c 81 3f df 97 ff fc a6 9f 45 cd 59 00 5e 98 6a df a0 06 ac b4 8d c3 05 3e 69 fe 5b 98 70 60 8f 4c 5f fd 1a a8 73 c7 58 71 98 3e 23 7e d1 c3 6e 59 e4 0f a4 f7 d3 3e 4c e3 4f 39 72 87 ff 83 a9 73 41 9e 99 53 81 2b cb 67 9b 35 1e 46 42 14 19 69 ee ad 71 99 c1 67 9d 55 66 ea 7b bb 12 2a 76 c9 42 55 a8 07 42 71 e0 cd 0a f9 54 70 b6 f9 f6 4b fe 46 3b 2f 85 ac db 06 cb f7 d9 af bf 5b bd 26 57 49 41 50 d9 de 75 fa 53 8e cb 2d 26 76 a7 33 d8 21 f9 c2 e0 59 27 05 62 4d ce b7 e8 6c 88 e0 d1 7b 5b 3a 98 d6 35 a5 73 90 97 56 0e 85 00 4c 33 01 6f 6d de c2 bd a5 fb c1 fb 09 0e 37 bf 27 e3 b3 aa 4f 34 de 27 28 56 23 ea c3 e5 a0 3a 5c 95 0f d6 d0 03 00 ef 84 23 01 15 f9 e4 c8 56 85 4f c0 4f 26 3c 00 c0 b2 73 84 7d 59 e1 64 f7 7c 18 c0 3c 50 e5 0e b3 40 03 da 8c 8e 6a 89 4d 25 c8 4f 08 08 35 f2 9a fc 1e db 6c 48 01 73 5e 53 59 66 61 b1 8c 43 44 44 9b 96 ed 15 77 9e 19 56 18 a0 7f de 89 ba 1f 0f 13 63 45 f4 38 16 7e 63 45 54 4c d2 cb 30 83 59 d8 49 45 64 40 87 9d 2e d1 5f 50 df 85 51 86 fa 7e 77 c6 07 5c 66 41 b8 54 85 a2 a7 c1 37 4b e5 89 69 b4 de 79 77 71 7c d4 f8 fd 7f e1 14 dd c8 2b 1d 23 09 94 db 5d e5 a6 4e 9e 9e c3 88 e9 97 82 19 02 22 9d 3e 86 28 b0 89 41 10 9e f7 ac 30 b5 62 1d 55 2d a1 6c 9d 44 d4 81 ec 4d 23 ae 45 54 98 13 91 0a 59 61 ba db 8a dd 10 2d 68 d7 12 7d aa 65 f0 70 95 8e ae 3c 29 c4 c0 fd Data Ascii: PK:=AX7\0DrActi
            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Mon, 22 Jul 2024 10:52:07 GMTContent-Type: application/zipContent-Length: 9891Connection: keep-aliveETag: "3914547665"Last-Modified: Tue, 11 Jun 2024 17:24:23 GMTCF-Cache-Status: HITAge: 1154Expires: Mon, 22 Jul 2024 14:52:07 GMTCache-Control: public, max-age=14400Accept-Ranges: bytesServer: cloudflareCF-RAY: 8a72e121fe97189d-EWRData Raw: 50 4b 03 04 14 00 01 00 08 00 ab 49 9a 58 36 05 95 82 f9 25 00 00 95 d3 03 00 12 00 00 00 46 65 61 74 75 72 65 41 63 74 69 6f 6e 73 2e 74 78 74 42 86 e3 50 5a 1b 0d e0 26 da 0d b9 4b a8 e4 a6 b2 45 39 87 02 b4 28 30 cc 70 d8 a2 c7 0b 87 a6 9a 3c 61 7d d4 39 e1 d2 be ab dd 67 1e 3c e4 ac 44 87 29 39 84 e1 ae be 6b 40 34 79 e5 cb 27 21 b4 93 bc e5 9a 3d 7e bd 5a 6b 60 31 4a 12 a1 ee ed 13 c4 92 32 1c 5b 92 ed bc 29 fb 5f d4 93 de d7 2c d5 7b 46 46 3f 10 71 ec c2 02 3b d4 66 4c a9 2a 0f d6 f6 3d bc db 88 31 ff b5 b5 97 8a b8 5a b0 49 f0 c5 ee 0e ff 2d 3e 07 6d 8f ce 0d 25 f3 3e 60 e8 93 c4 6d 0c cb e9 b3 fa 88 08 e4 6c a2 2c cc 9a 73 88 a3 aa 85 57 e7 49 cf 97 04 54 50 fb 97 75 2a 82 3b af cb 86 d1 92 a8 f1 50 85 f1 a1 0a 78 78 92 68 16 c2 67 10 6c 24 ba 16 4d a2 5d 49 7f 7d e4 f8 ae b6 92 95 80 95 d7 f4 6f 92 bd 67 d0 c5 c9 d9 be ea 82 fc 5a 96 4c df db 35 b1 c2 3f c3 9c 42 82 04 5a 4c de c9 78 10 b6 75 12 0d eb 94 6b 55 a5 31 19 50 1e d7 34 e8 6d e4 bf 57 85 c2 f1 06 2d 4e 74 66 0b 3f bd d6 8c 49 2d 2f df fd fa 21 ed 80 77 a9 39 90 7f fa 30 d1 2f b5 c5 80 5e 25 58 2d 8f a1 ec 2e 30 28 d8 18 6d 56 50 fc 6e ec c2 5d 3d 18 63 ce 72 b7 5f 01 fc dc 41 24 ef 91 b3 a5 3c 11 42 57 ad f6 79 b8 df a4 65 32 ed 62 09 bd cf 4b 04 a0 ab 90 7b 6a 96 ae c5 f8 4f c3 d0 64 c7 78 a2 5a c5 a0 76 c7 40 5b 87 4e 4c 9d 44 55 7c 00 5f a3 f8 84 92 b2 84 31 53 a4 b9 70 e7 95 1c e8 0b 7e 50 61 9f 71 c7 d0 3e 8d fb a4 df 7d 29 24 71 b6 48 37 bb 2c 68 81 bc 8b b9 06 c1 6d 29 49 07 9d 9b 98 ee f3 61 73 d4 3c bd 54 57 1f d8 eb b5 75 dd 24 3f 88 01 a3 ac f3 e6 45 d6 e0 df bc 79 85 0b f8 fb 95 40 58 89 df b0 b9 97 de 75 87 40 11 35 b7 2a 9a dc 55 4a 85 01 4c 9c 6a 61 1e d9 e0 04 30 e5 a4 76 9d 18 5e 0a aa d1 51 88 20 28 4f 7d 6b 2b 66 77 b2 76 98 66 96 7a ec 07 62 cd 68 ef 46 45 14 1c 3c 70 6c f8 c8 4c 57 5a 49 89 ff 8e 2a 2e 34 23 16 a6 b5 ff 2c b5 58 a6 9a bb 60 3d 18 db 62 c8 b2 1f 97 65 56 85 b2 57 b6 29 57 2a 02 a6 3b fb 51 2c 94 27 78 b7 3e f3 da 4a 71 9d fa 8d 0a 20 10 d8 5f 19 1d 54 3c 65 61 26 77 6f aa e5 2f 52 9b 4d d7 32 e6 60 72 58 b9 46 a9 fa 1a a7 14 de e2 0d 92 45 be 8c f7 63 3a f6 9b 41 df 39 ca 37 41 8e 09 ca 85 d6 f5 df f3 17 34 ee c6 46 54 cd d3 0e a1 30 ca 8d d1 40 7f a4 77 75 85 4a 49 d2 e0 42 64 dc 35 0d be 42 11 f8 68 77 fa 17 1e 9e 11 93 7d 16 6f 45 dc 86 40 de f9 4e 3d de e2 d1 99 9e 5a 24 80 29 36 f1 40 db de 8d 1f d3 95 73 05 ea 58 f5 ce a8 cf 72 d3 f5 d3 9b f6 bb 00 a7 ab a4 75 9f 25 de 96 1e 99 65 9f 49 b4 67 a8 f1 35 bf 72 75 1f 41 8b ff 3a 0e 38 31 d1 26 a7 a8 7f 22 bc 7f 65 a0 5f 0e f7 86 27 eb f3 85 12 8a 42 ac 04 92 Data Ascii: PKIX6%Feat
            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Mon, 22 Jul 2024 10:53:27 GMTContent-Type: application/zipContent-Length: 17770Connection: keep-aliveETag: "1817264281"Last-Modified: Mon, 17 Jun 2024 14:26:00 GMTCF-Cache-Status: HITAge: 336Expires: Mon, 22 Jul 2024 14:53:27 GMTCache-Control: public, max-age=14400Accept-Ranges: bytesServer: cloudflareCF-RAY: 8a72e318cd1342d0-EWRData Raw: 50 4b 03 04 14 00 01 00 08 00 3a 3d 41 58 37 5c 92 30 c0 44 00 00 72 cc 04 00 12 00 00 00 41 63 74 69 76 65 46 65 61 74 75 72 65 73 2e 74 78 74 a0 9b 2b 93 83 40 fc 73 6a 70 bb 23 a6 14 85 19 db 7f 9e 92 13 c4 c9 4b 31 fb 85 fc 04 d8 12 02 3b 04 ac 2f 2d a7 ef 1b ac a6 c7 02 06 b4 5b a6 5b 13 0e 41 d0 84 42 9e c4 12 82 c4 65 78 71 e8 aa bd c0 29 37 0e 92 20 37 3a 5e 80 b9 ea 89 67 13 4b 20 f3 b5 94 21 69 16 62 55 a7 56 c8 73 d6 98 fb 8e 87 4f 24 76 37 7c 65 5c b2 1b 8e b9 80 ec 57 ff e0 e4 27 f3 f8 a6 5a fd 64 76 65 55 2a 6f f6 52 a0 08 3e a0 25 15 8b a9 77 8c c3 ec 24 f2 2d 3b af 9d 9b 51 9b 18 ac bc 34 19 54 96 8c 06 fa 06 ee c4 66 24 01 2b 54 a6 24 df 26 9d 51 3f 39 c3 e6 99 06 23 22 f6 36 3e fd a1 dd d3 fd e7 0c c4 ee 30 c1 10 eb 15 6f 83 40 da df 9f 6a f9 28 cc 2a 69 29 08 48 22 1d 42 8d 0c 31 60 e4 3d a8 cd 26 30 96 ac 49 38 43 c3 52 9f a5 ce 22 79 e3 be 0a 9e 01 63 4d 37 97 67 e4 fb 80 e3 09 fa be ab d9 9e 5c 40 05 91 01 0d 38 db e2 06 78 94 45 0d 03 34 8b 82 1d 53 dc 7c 49 81 9f 81 18 1d 79 79 37 13 18 7e 02 86 25 57 3f 1b 37 21 4a ab c5 68 8c 72 66 a5 c6 64 42 aa 5e 4f 51 22 9e 49 44 47 c4 05 fd fd 21 6f de 2b 89 5e 36 1c 56 1d 12 bb 59 b6 a7 36 8c 10 be 3c fc c8 ea f7 dc 77 fa 4e 0e 4e 08 c3 50 a2 b7 50 32 80 d6 b2 f9 5c 81 3f df 97 ff fc a6 9f 45 cd 59 00 5e 98 6a df a0 06 ac b4 8d c3 05 3e 69 fe 5b 98 70 60 8f 4c 5f fd 1a a8 73 c7 58 71 98 3e 23 7e d1 c3 6e 59 e4 0f a4 f7 d3 3e 4c e3 4f 39 72 87 ff 83 a9 73 41 9e 99 53 81 2b cb 67 9b 35 1e 46 42 14 19 69 ee ad 71 99 c1 67 9d 55 66 ea 7b bb 12 2a 76 c9 42 55 a8 07 42 71 e0 cd 0a f9 54 70 b6 f9 f6 4b fe 46 3b 2f 85 ac db 06 cb f7 d9 af bf 5b bd 26 57 49 41 50 d9 de 75 fa 53 8e cb 2d 26 76 a7 33 d8 21 f9 c2 e0 59 27 05 62 4d ce b7 e8 6c 88 e0 d1 7b 5b 3a 98 d6 35 a5 73 90 97 56 0e 85 00 4c 33 01 6f 6d de c2 bd a5 fb c1 fb 09 0e 37 bf 27 e3 b3 aa 4f 34 de 27 28 56 23 ea c3 e5 a0 3a 5c 95 0f d6 d0 03 00 ef 84 23 01 15 f9 e4 c8 56 85 4f c0 4f 26 3c 00 c0 b2 73 84 7d 59 e1 64 f7 7c 18 c0 3c 50 e5 0e b3 40 03 da 8c 8e 6a 89 4d 25 c8 4f 08 08 35 f2 9a fc 1e db 6c 48 01 73 5e 53 59 66 61 b1 8c 43 44 44 9b 96 ed 15 77 9e 19 56 18 a0 7f de 89 ba 1f 0f 13 63 45 f4 38 16 7e 63 45 54 4c d2 cb 30 83 59 d8 49 45 64 40 87 9d 2e d1 5f 50 df 85 51 86 fa 7e 77 c6 07 5c 66 41 b8 54 85 a2 a7 c1 37 4b e5 89 69 b4 de 79 77 71 7c d4 f8 fd 7f e1 14 dd c8 2b 1d 23 09 94 db 5d e5 a6 4e 9e 9e c3 88 e9 97 82 19 02 22 9d 3e 86 28 b0 89 41 10 9e f7 ac 30 b5 62 1d 55 2d a1 6c 9d 44 d4 81 ec 4d 23 ae 45 54 98 13 91 0a 59 61 ba db 8a dd 10 2d 68 d7 12 7d aa 65 f0 70 95 8e ae 3c 29 c4 c0 fd Data Ascii: PK:=AX7\0DrActi
            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Mon, 22 Jul 2024 10:53:28 GMTContent-Type: application/zipContent-Length: 17770Connection: keep-aliveETag: "1817264281"Last-Modified: Mon, 17 Jun 2024 14:26:00 GMTCF-Cache-Status: HITAge: 337Expires: Mon, 22 Jul 2024 14:53:28 GMTCache-Control: public, max-age=14400Accept-Ranges: bytesServer: cloudflareCF-RAY: 8a72e31adeed42d0-EWRData Raw: 50 4b 03 04 14 00 01 00 08 00 3a 3d 41 58 37 5c 92 30 c0 44 00 00 72 cc 04 00 12 00 00 00 41 63 74 69 76 65 46 65 61 74 75 72 65 73 2e 74 78 74 a0 9b 2b 93 83 40 fc 73 6a 70 bb 23 a6 14 85 19 db 7f 9e 92 13 c4 c9 4b 31 fb 85 fc 04 d8 12 02 3b 04 ac 2f 2d a7 ef 1b ac a6 c7 02 06 b4 5b a6 5b 13 0e 41 d0 84 42 9e c4 12 82 c4 65 78 71 e8 aa bd c0 29 37 0e 92 20 37 3a 5e 80 b9 ea 89 67 13 4b 20 f3 b5 94 21 69 16 62 55 a7 56 c8 73 d6 98 fb 8e 87 4f 24 76 37 7c 65 5c b2 1b 8e b9 80 ec 57 ff e0 e4 27 f3 f8 a6 5a fd 64 76 65 55 2a 6f f6 52 a0 08 3e a0 25 15 8b a9 77 8c c3 ec 24 f2 2d 3b af 9d 9b 51 9b 18 ac bc 34 19 54 96 8c 06 fa 06 ee c4 66 24 01 2b 54 a6 24 df 26 9d 51 3f 39 c3 e6 99 06 23 22 f6 36 3e fd a1 dd d3 fd e7 0c c4 ee 30 c1 10 eb 15 6f 83 40 da df 9f 6a f9 28 cc 2a 69 29 08 48 22 1d 42 8d 0c 31 60 e4 3d a8 cd 26 30 96 ac 49 38 43 c3 52 9f a5 ce 22 79 e3 be 0a 9e 01 63 4d 37 97 67 e4 fb 80 e3 09 fa be ab d9 9e 5c 40 05 91 01 0d 38 db e2 06 78 94 45 0d 03 34 8b 82 1d 53 dc 7c 49 81 9f 81 18 1d 79 79 37 13 18 7e 02 86 25 57 3f 1b 37 21 4a ab c5 68 8c 72 66 a5 c6 64 42 aa 5e 4f 51 22 9e 49 44 47 c4 05 fd fd 21 6f de 2b 89 5e 36 1c 56 1d 12 bb 59 b6 a7 36 8c 10 be 3c fc c8 ea f7 dc 77 fa 4e 0e 4e 08 c3 50 a2 b7 50 32 80 d6 b2 f9 5c 81 3f df 97 ff fc a6 9f 45 cd 59 00 5e 98 6a df a0 06 ac b4 8d c3 05 3e 69 fe 5b 98 70 60 8f 4c 5f fd 1a a8 73 c7 58 71 98 3e 23 7e d1 c3 6e 59 e4 0f a4 f7 d3 3e 4c e3 4f 39 72 87 ff 83 a9 73 41 9e 99 53 81 2b cb 67 9b 35 1e 46 42 14 19 69 ee ad 71 99 c1 67 9d 55 66 ea 7b bb 12 2a 76 c9 42 55 a8 07 42 71 e0 cd 0a f9 54 70 b6 f9 f6 4b fe 46 3b 2f 85 ac db 06 cb f7 d9 af bf 5b bd 26 57 49 41 50 d9 de 75 fa 53 8e cb 2d 26 76 a7 33 d8 21 f9 c2 e0 59 27 05 62 4d ce b7 e8 6c 88 e0 d1 7b 5b 3a 98 d6 35 a5 73 90 97 56 0e 85 00 4c 33 01 6f 6d de c2 bd a5 fb c1 fb 09 0e 37 bf 27 e3 b3 aa 4f 34 de 27 28 56 23 ea c3 e5 a0 3a 5c 95 0f d6 d0 03 00 ef 84 23 01 15 f9 e4 c8 56 85 4f c0 4f 26 3c 00 c0 b2 73 84 7d 59 e1 64 f7 7c 18 c0 3c 50 e5 0e b3 40 03 da 8c 8e 6a 89 4d 25 c8 4f 08 08 35 f2 9a fc 1e db 6c 48 01 73 5e 53 59 66 61 b1 8c 43 44 44 9b 96 ed 15 77 9e 19 56 18 a0 7f de 89 ba 1f 0f 13 63 45 f4 38 16 7e 63 45 54 4c d2 cb 30 83 59 d8 49 45 64 40 87 9d 2e d1 5f 50 df 85 51 86 fa 7e 77 c6 07 5c 66 41 b8 54 85 a2 a7 c1 37 4b e5 89 69 b4 de 79 77 71 7c d4 f8 fd 7f e1 14 dd c8 2b 1d 23 09 94 db 5d e5 a6 4e 9e 9e c3 88 e9 97 82 19 02 22 9d 3e 86 28 b0 89 41 10 9e f7 ac 30 b5 62 1d 55 2d a1 6c 9d 44 d4 81 ec 4d 23 ae 45 54 98 13 91 0a 59 61 ba db 8a dd 10 2d 68 d7 12 7d aa 65 f0 70 95 8e ae 3c 29 c4 c0 fd Data Ascii: PK:=AX7\0DrActi
            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Mon, 22 Jul 2024 10:53:34 GMTContent-Type: application/zipContent-Length: 17770Connection: keep-aliveETag: "1817264281"Last-Modified: Mon, 17 Jun 2024 14:26:00 GMTCF-Cache-Status: HITAge: 343Expires: Mon, 22 Jul 2024 14:53:34 GMTCache-Control: public, max-age=14400Accept-Ranges: bytesServer: cloudflareCF-RAY: 8a72e3421fd0439a-EWRData Raw: 50 4b 03 04 14 00 01 00 08 00 3a 3d 41 58 37 5c 92 30 c0 44 00 00 72 cc 04 00 12 00 00 00 41 63 74 69 76 65 46 65 61 74 75 72 65 73 2e 74 78 74 a0 9b 2b 93 83 40 fc 73 6a 70 bb 23 a6 14 85 19 db 7f 9e 92 13 c4 c9 4b 31 fb 85 fc 04 d8 12 02 3b 04 ac 2f 2d a7 ef 1b ac a6 c7 02 06 b4 5b a6 5b 13 0e 41 d0 84 42 9e c4 12 82 c4 65 78 71 e8 aa bd c0 29 37 0e 92 20 37 3a 5e 80 b9 ea 89 67 13 4b 20 f3 b5 94 21 69 16 62 55 a7 56 c8 73 d6 98 fb 8e 87 4f 24 76 37 7c 65 5c b2 1b 8e b9 80 ec 57 ff e0 e4 27 f3 f8 a6 5a fd 64 76 65 55 2a 6f f6 52 a0 08 3e a0 25 15 8b a9 77 8c c3 ec 24 f2 2d 3b af 9d 9b 51 9b 18 ac bc 34 19 54 96 8c 06 fa 06 ee c4 66 24 01 2b 54 a6 24 df 26 9d 51 3f 39 c3 e6 99 06 23 22 f6 36 3e fd a1 dd d3 fd e7 0c c4 ee 30 c1 10 eb 15 6f 83 40 da df 9f 6a f9 28 cc 2a 69 29 08 48 22 1d 42 8d 0c 31 60 e4 3d a8 cd 26 30 96 ac 49 38 43 c3 52 9f a5 ce 22 79 e3 be 0a 9e 01 63 4d 37 97 67 e4 fb 80 e3 09 fa be ab d9 9e 5c 40 05 91 01 0d 38 db e2 06 78 94 45 0d 03 34 8b 82 1d 53 dc 7c 49 81 9f 81 18 1d 79 79 37 13 18 7e 02 86 25 57 3f 1b 37 21 4a ab c5 68 8c 72 66 a5 c6 64 42 aa 5e 4f 51 22 9e 49 44 47 c4 05 fd fd 21 6f de 2b 89 5e 36 1c 56 1d 12 bb 59 b6 a7 36 8c 10 be 3c fc c8 ea f7 dc 77 fa 4e 0e 4e 08 c3 50 a2 b7 50 32 80 d6 b2 f9 5c 81 3f df 97 ff fc a6 9f 45 cd 59 00 5e 98 6a df a0 06 ac b4 8d c3 05 3e 69 fe 5b 98 70 60 8f 4c 5f fd 1a a8 73 c7 58 71 98 3e 23 7e d1 c3 6e 59 e4 0f a4 f7 d3 3e 4c e3 4f 39 72 87 ff 83 a9 73 41 9e 99 53 81 2b cb 67 9b 35 1e 46 42 14 19 69 ee ad 71 99 c1 67 9d 55 66 ea 7b bb 12 2a 76 c9 42 55 a8 07 42 71 e0 cd 0a f9 54 70 b6 f9 f6 4b fe 46 3b 2f 85 ac db 06 cb f7 d9 af bf 5b bd 26 57 49 41 50 d9 de 75 fa 53 8e cb 2d 26 76 a7 33 d8 21 f9 c2 e0 59 27 05 62 4d ce b7 e8 6c 88 e0 d1 7b 5b 3a 98 d6 35 a5 73 90 97 56 0e 85 00 4c 33 01 6f 6d de c2 bd a5 fb c1 fb 09 0e 37 bf 27 e3 b3 aa 4f 34 de 27 28 56 23 ea c3 e5 a0 3a 5c 95 0f d6 d0 03 00 ef 84 23 01 15 f9 e4 c8 56 85 4f c0 4f 26 3c 00 c0 b2 73 84 7d 59 e1 64 f7 7c 18 c0 3c 50 e5 0e b3 40 03 da 8c 8e 6a 89 4d 25 c8 4f 08 08 35 f2 9a fc 1e db 6c 48 01 73 5e 53 59 66 61 b1 8c 43 44 44 9b 96 ed 15 77 9e 19 56 18 a0 7f de 89 ba 1f 0f 13 63 45 f4 38 16 7e 63 45 54 4c d2 cb 30 83 59 d8 49 45 64 40 87 9d 2e d1 5f 50 df 85 51 86 fa 7e 77 c6 07 5c 66 41 b8 54 85 a2 a7 c1 37 4b e5 89 69 b4 de 79 77 71 7c d4 f8 fd 7f e1 14 dd c8 2b 1d 23 09 94 db 5d e5 a6 4e 9e 9e c3 88 e9 97 82 19 02 22 9d 3e 86 28 b0 89 41 10 9e f7 ac 30 b5 62 1d 55 2d a1 6c 9d 44 d4 81 ec 4d 23 ae 45 54 98 13 91 0a 59 61 ba db 8a dd 10 2d 68 d7 12 7d aa 65 f0 70 95 8e ae 3c 29 c4 c0 fd Data Ascii: PK:=AX7\0DrActi
            Source: global trafficHTTP traffic detected: GET /offer.php?v=1&c=2021a HTTP/1.1User-Agent: NSIS_Inetc (Mozilla)Host: offers.filezilla-project.orgConnection: Keep-AliveCache-Control: no-cache
            Source: global trafficHTTP traffic detected: GET /get.php?offer=2021a HTTP/1.1User-Agent: NSIS_Inetc (Mozilla)Host: offers.filezilla-project.orgConnection: Keep-AliveCache-Control: no-cache
            Source: global trafficHTTP traffic detected: GET /nano_download.php?partner=FZ210427 HTTP/1.1User-Agent: NSIS_Inetc (Mozilla)Connection: Keep-AliveCache-Control: no-cacheHost: webcompanion.com
            Source: global trafficHTTP traffic detected: GET /get.php?offer=2021a HTTP/1.1User-Agent: NSIS_Inetc (Mozilla)Host: offers.filezilla-project.orgConnection: Keep-AliveCache-Control: no-cache
            Source: global trafficHTTP traffic detected: GET /nano_download.php?partner=FZ210427 HTTP/1.1User-Agent: NSIS_Inetc (Mozilla)Connection: Keep-AliveCache-Control: no-cacheHost: webcompanion.com
            Source: global trafficHTTP traffic detected: GET /get.php?offer=2021a HTTP/1.1User-Agent: NSIS_Inetc (Mozilla)Host: offers.filezilla-project.orgConnection: Keep-AliveCache-Control: no-cache
            Source: global trafficHTTP traffic detected: GET /nano_download.php?partner=FZ210427 HTTP/1.1User-Agent: NSIS_Inetc (Mozilla)Connection: Keep-AliveCache-Control: no-cacheHost: webcompanion.com
            Source: global trafficHTTP traffic detected: GET /notifications/download/rt/dci/latest/Webprotection.zip HTTP/1.1Host: rt.webcompanion.comConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /api/v2/url/blacklist HTTP/1.1Host: acs.lavasoft.comConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /urlblacklist.json HTTP/1.1Host: acscdn.lavasoft.comConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /api/v2/url/permanentwhitelist HTTP/1.1Host: acs.lavasoft.com
            Source: global trafficHTTP traffic detected: GET /permanentUrlWhitelist.json HTTP/1.1Host: acscdn.lavasoft.com
            Source: global trafficHTTP traffic detected: GET /9.1.0.993/WebCompanion-9.1.0.993-prod.zip HTTP/1.1Host: wcdownloadercdn.lavasoft.comConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /notifications/download/rt/ActiveFeatures.zip HTTP/1.1Host: rt.webcompanion.comConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /notifications/download/rt/ActiveFeatures.zip HTTP/1.1Host: rt.webcompanion.com
            Source: global trafficHTTP traffic detected: GET /Partner.svc/GetPartnerInfo?partner=FZ210427 HTTP/1.1Host: wc-partners.lavasoft.comConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /Partner.svc/GetPartnerInfo?partner=FZ210427_wb HTTP/1.1Host: wc-partners.lavasoft.com
            Source: global trafficHTTP traffic detected: GET /Partner.svc/GetPartnerInfo?partner=FZ210427_ab HTTP/1.1Host: wc-partners.lavasoft.com
            Source: global trafficHTTP traffic detected: GET /Partner.svc/GetPartnerInfo?partner=FZ210427_ac HTTP/1.1Host: wc-partners.lavasoft.com
            Source: global trafficHTTP traffic detected: GET /version_logs?json=true&version=9.1.0.993 HTTP/1.1Host: webcompanion.comConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /notifications/download/rt/ActiveFeatures.zip HTTP/1.1Host: rt.webcompanion.comConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /notifications/download/rt/ActiveFeatures.zip HTTP/1.1Host: rt.webcompanion.com
            Source: global trafficHTTP traffic detected: GET /version_logs?json=true&version=9.1.0.993 HTTP/1.1Host: webcompanion.comConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /notifications/download/rt/ActiveFeatures.zip HTTP/1.1Host: rt.webcompanion.comConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /notifications/download/rt/ActiveFeatures.zip HTTP/1.1Host: rt.webcompanion.com
            Source: global trafficHTTP traffic detected: GET /notifications/download/rt/postrun/prod/v1/FeatureActions.zip HTTP/1.1Host: rt.webcompanion.com
            Source: global trafficHTTP traffic detected: GET /version_logs?json=true&version=9.1.0.993 HTTP/1.1Host: webcompanion.comConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /notifications/download/rt/ActiveFeatures.zip HTTP/1.1Host: rt.webcompanion.comConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /notifications/download/rt/ActiveFeatures.zip HTTP/1.1Host: rt.webcompanion.com
            Source: global trafficHTTP traffic detected: GET /version_logs?json=true&version=9.1.0.993 HTTP/1.1Host: webcompanion.comConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /notifications/download/rt/ActiveFeatures.zip HTTP/1.1Host: rt.webcompanion.comConnection: Keep-Alive
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000033.00000002.3360225784.00000000087A2000.00000002.00000001.01000000.0000003B.sdmpString found in binary or memory: <td align="right" width="24"><a target="_blank" href="https://www.facebook.com/lavasoft.adaware"><img src="http://webcompanion.com/images/email/fb-icon.png" width="16" height="16" alt="fb" style="display:block;border:0;" /></a></td> equals www.facebook.com (Facebook)
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: }}uNon elevated process completed for enableEnterprisePolicy.'C:\ffLanguages.json3Search from user config: 9Search from firefox config: +http://www.google.com1http://www.microsoft.com/http://www.facebook.comstop equals www.facebook.com (Facebook)
            Source: WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: SET NEW TAB$SET DEFAULT SEARCH SET WELCOME PAGE&SET EXSTENSION SIGN&SearchProtectLogger*http://www.yahoo.com/0http://search.yahoo.com/ https://www.{0}/*http://www.naver.com/*http://www.baidu.com/(http://www.bing.com/0http://www.facebook.com/2http://www.pinterest.com/*http://www.yandex.ru/.http://www.youtube.com/(https://twitter.com/Dhttp://securedsearch.lavasoft.com/Dhttps://privatesearch.adaware.com/2https://adaware.start.me/ equals www.facebook.com (Facebook)
            Source: WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: SET NEW TAB$SET DEFAULT SEARCH SET WELCOME PAGE&SET EXSTENSION SIGN&SearchProtectLogger*http://www.yahoo.com/0http://search.yahoo.com/ https://www.{0}/*http://www.naver.com/*http://www.baidu.com/(http://www.bing.com/0http://www.facebook.com/2http://www.pinterest.com/*http://www.yandex.ru/.http://www.youtube.com/(https://twitter.com/Dhttp://securedsearch.lavasoft.com/Dhttps://privatesearch.adaware.com/2https://adaware.start.me/ equals www.twitter.com (Twitter)
            Source: WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: SET NEW TAB$SET DEFAULT SEARCH SET WELCOME PAGE&SET EXSTENSION SIGN&SearchProtectLogger*http://www.yahoo.com/0http://search.yahoo.com/ https://www.{0}/*http://www.naver.com/*http://www.baidu.com/(http://www.bing.com/0http://www.facebook.com/2http://www.pinterest.com/*http://www.yandex.ru/.http://www.youtube.com/(https://twitter.com/Dhttp://securedsearch.lavasoft.com/Dhttps://privatesearch.adaware.com/2https://adaware.start.me/ equals www.yahoo.com (Yahoo)
            Source: WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: SET NEW TAB$SET DEFAULT SEARCH SET WELCOME PAGE&SET EXSTENSION SIGN&SearchProtectLogger*http://www.yahoo.com/0http://search.yahoo.com/ https://www.{0}/*http://www.naver.com/*http://www.baidu.com/(http://www.bing.com/0http://www.facebook.com/2http://www.pinterest.com/*http://www.yandex.ru/.http://www.youtube.com/(https://twitter.com/Dhttp://securedsearch.lavasoft.com/Dhttps://privatesearch.adaware.com/2https://adaware.start.me/ equals www.youtube.com (Youtube)
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: TwitterVisitUrl)http://lavasoft.com/ahttps://www.facebook.com/sharer/sharer.php?u={0}/http://webcompanion.comiWeb Companion. A safer, cleaner browsing experience.Shttps://www.facebook.com/officialadaware/Khttps://plus.google.com/share?url={0}yhttps://plus.google.com/u/0/b/116438965069860868108/+adawareahttp://twitter.com/intent/tweet?text={1}&url={0}Ghttps://twitter.com/officialadawarek/WebCompanion;component/ui/views/featurelistview.xaml equals www.facebook.com (Facebook)
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: TwitterVisitUrl)http://lavasoft.com/ahttps://www.facebook.com/sharer/sharer.php?u={0}/http://webcompanion.comiWeb Companion. A safer, cleaner browsing experience.Shttps://www.facebook.com/officialadaware/Khttps://plus.google.com/share?url={0}yhttps://plus.google.com/u/0/b/116438965069860868108/+adawareahttp://twitter.com/intent/tweet?text={1}&url={0}Ghttps://twitter.com/officialadawarek/WebCompanion;component/ui/views/featurelistview.xaml equals www.twitter.com (Twitter)
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: `https://www.facebook.com/sharer/sharer.php?u={0}Rhttps://www.facebook.com/officialadaware/Jhttps://plus.google.com/share?url={0}xhttps://plus.google.com/u/0/b/116438965069860868108/+adawarehWeb Companion. A safer, cleaner browsing experience..http://webcompanion.com`http://twitter.com/intent/tweet?text={1}&url={0}Fhttps://twitter.com/officialadaware equals www.facebook.com (Facebook)
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: `https://www.facebook.com/sharer/sharer.php?u={0}Rhttps://www.facebook.com/officialadaware/Jhttps://plus.google.com/share?url={0}xhttps://plus.google.com/u/0/b/116438965069860868108/+adawarehWeb Companion. A safer, cleaner browsing experience..http://webcompanion.com`http://twitter.com/intent/tweet?text={1}&url={0}Fhttps://twitter.com/officialadaware equals www.twitter.com (Twitter)
            Source: WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: bing searchEhttps://www.bing.com/chrome/newtab+https://us.yahoo.com/ equals www.yahoo.com (Yahoo)
            Source: WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: yahoo.com+http://www.yahoo.com/ equals www.yahoo.com (Yahoo)
            Source: global trafficDNS traffic detected: DNS query: offers.filezilla-project.org
            Source: global trafficDNS traffic detected: DNS query: webcompanion.com
            Source: global trafficDNS traffic detected: DNS query: flow.lavasoft.com
            Source: global trafficDNS traffic detected: DNS query: wc-update-service.lavasoft.com
            Source: global trafficDNS traffic detected: DNS query: wcdownloadercdn.lavasoft.com
            Source: global trafficDNS traffic detected: DNS query: rt.webcompanion.com
            Source: global trafficDNS traffic detected: DNS query: acs.lavasoft.com
            Source: global trafficDNS traffic detected: DNS query: acscdn.lavasoft.com
            Source: global trafficDNS traffic detected: DNS query: wc-partners.lavasoft.com
            Source: global trafficDNS traffic detected: DNS query: ocsp.entrust.net
            Source: global trafficDNS traffic detected: DNS query: wsgeoip.lavasoft.com
            Source: global trafficDNS traffic detected: DNS query: sg-bitmask.adaware.com
            Source: global trafficDNS traffic detected: DNS query: www.google.com
            Source: unknownHTTP traffic detected: POST /v1/event-stat?Type=Launch&ProductID=wc&EventVersion=1 HTTP/1.1Content-Type: application/jsonHost: flow.lavasoft.comContent-Length: 303Connection: Keep-Alive
            Source: DCIService.exe, 00000025.00000002.3292995652.00007FFBAAE5D000.00000002.00000001.01000000.00000019.sdmp, bddcihttp.dll0.8.drString found in binary or memory: http://.css
            Source: DCIService.exe, 00000025.00000002.3292995652.00007FFBAAE5D000.00000002.00000001.01000000.00000019.sdmp, bddcihttp.dll0.8.drString found in binary or memory: http://.jpg
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000038.00000002.3318646981.0000000005BF2000.00000002.00000001.01000000.00000027.sdmpString found in binary or memory: http://10.45.0.17:8341/api/v1/activeFeatures/filter/partnerId/
            Source: svchost.exe, 00000009.00000003.1716033062.0000016CDDD79000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://Passport.NET/STS
            Source: svchost.exe, 00000009.00000002.3291936857.0000016CDDD6E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://Passport.NET/STS09/xmldsig#ripledes-cbcices/SOAPFaultcurity-utility-1.0.xsd
            Source: svchost.exe, 00000009.00000003.1837240395.0000016CDDD6E000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1704633175.0000016CDDD59000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1716033062.0000016CDDD79000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1692711674.0000016CDDD55000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1692786985.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000002.3291936857.0000016CDDD6E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://Passport.NET/tb
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000002.3293142416.0000016CDE4D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://Passport.NET/tb_
            Source: svchost.exe, 00000009.00000002.3292818280.0000016CDE495000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://Passport.NET/tbpose
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://adaware.com/browser/ff/index.phpSInitializing
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3309998609.0000000005BA8000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3314539016.0000000005D60000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3309998609.0000000005B00000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3307195784.000000001B282000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3307195784.000000001B2B6000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3289249077.0000000001526000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3289249077.00000000015A7000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3288403645.0000000001158000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3339218992.0000000005B0C000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3290456534.00000000011F8000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3290456534.0000000001289000.00000004.00000020.00020000.00000000.sdmp, Microsoft.mshtml.dll.8.dr, DCIService.exe0.8.dr, System.Data.SQLite.dll.8.dr, Interop.Shell32.dll.8.dr, WebCompanion.resources.dll4.8.dr, WebCompanionInstaller.resources.dll8.8.dr, WebCompanionInstaller.resources.dll1.8.dr, ICSharpCode.SharpZipLib.dll.4.drString found in binary or memory: http://aia.entrust.net/evcs2-chain.p7c01
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3289165158.0000000001719000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3289165158.0000000001710000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291091240.00000000017D5000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3292576714.0000000001588000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3346379483.00000000065E0000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3291520798.00000000013C5000.00000004.00000020.00020000.00000000.sdmp, FileZilla_3.67.1_win64_sponsored-setup.exe, Microsoft.mshtml.dll.8.dr, DCIService.exe0.8.dr, System.Data.SQLite.dll.8.dr, sav.dll0.8.dr, rpc.dll0.8.dr, Interop.Shell32.dll.8.dr, WebCompanion.resources.dll4.8.dr, WebCompanionInstaller.resources.dll8.8.dr, WebCompanionInstaller.resources.dll1.8.dr, ICSharpCode.SharpZipLib.dll.4.dr, WebCompanionInstaller.resources.dll3.8.dr, bddcihttp.dll0.8.drString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3289165158.0000000001719000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3309998609.0000000005B8D000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3309998609.0000000005B00000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291091240.00000000017D5000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3289249077.0000000001526000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3292576714.0000000001588000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3288403645.0000000001158000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3339218992.0000000005BA7000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3292576714.0000000001580000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3346379483.00000000066C2000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3290456534.00000000011F8000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3291520798.00000000013C5000.00000004.00000020.00020000.00000000.sdmp, FileZilla_3.67.1_win64_sponsored-setup.exe, Microsoft.mshtml.dll.8.dr, DCIService.exe0.8.dr, System.Data.SQLite.dll.8.dr, sav.dll0.8.dr, rpc.dll0.8.dr, Interop.Shell32.dll.8.drString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3289165158.0000000001719000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291091240.00000000017D5000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3291520798.00000000013C5000.00000004.00000020.00020000.00000000.sdmp, FileZilla_3.67.1_win64_sponsored-setup.exe, Microsoft.mshtml.dll.8.dr, DCIService.exe0.8.dr, System.Data.SQLite.dll.8.dr, sav.dll0.8.dr, rpc.dll0.8.dr, Interop.Shell32.dll.8.dr, WebCompanion.resources.dll4.8.dr, WebCompanionInstaller.resources.dll8.8.dr, WebCompanionInstaller.resources.dll1.8.dr, ICSharpCode.SharpZipLib.dll.4.dr, WebCompanionInstaller.resources.dll3.8.dr, bddcihttp.dll0.8.dr, Newtonsoft.Json.dll.8.dr, WebCompanionExtensionIE.dll.8.drString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
            Source: FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2154093341.0000000005480000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3288220309.00000000014D0000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1674595471.0000016CDE404000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000002.3292216277.0000016CDE400000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3289249077.0000000001526000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3288403645.0000000001158000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3290456534.00000000011F8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl06
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, Microsoft.mshtml.dll.8.dr, DCIService.exe0.8.dr, System.Data.SQLite.dll.8.dr, Interop.Shell32.dll.8.dr, WebCompanion.resources.dll4.8.dr, WebCompanionInstaller.resources.dll8.8.dr, WebCompanionInstaller.resources.dll1.8.dr, ICSharpCode.SharpZipLib.dll.4.dr, WebCompanionInstaller.resources.dll3.8.dr, Newtonsoft.Json.dll.8.dr, WebCompanionExtensionIE.dll.8.drString found in binary or memory: http://crl.entrust.net/csbr1.crl0
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3309998609.0000000005BA8000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3314539016.0000000005D60000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3309998609.0000000005B00000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3307195784.000000001B282000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3307195784.000000001B2B6000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3289249077.0000000001526000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3289249077.00000000015A7000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3288403645.0000000001158000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3290456534.00000000011F8000.00000004.00000020.00020000.00000000.sdmp, Microsoft.mshtml.dll.8.dr, DCIService.exe0.8.dr, System.Data.SQLite.dll.8.dr, Interop.Shell32.dll.8.dr, WebCompanion.resources.dll4.8.dr, WebCompanionInstaller.resources.dll8.8.dr, WebCompanionInstaller.resources.dll1.8.dr, ICSharpCode.SharpZipLib.dll.4.dr, WebCompanionInstaller.resources.dll3.8.dr, Newtonsoft.Json.dll.8.drString found in binary or memory: http://crl.entrust.net/evcs2.crl0
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3364273388.00000000099BF000.00000004.00000020.00020000.00000000.sdmp, Microsoft.mshtml.dll.8.dr, DCIService.exe0.8.dr, System.Data.SQLite.dll.8.dr, Interop.Shell32.dll.8.dr, WebCompanion.resources.dll4.8.dr, WebCompanionInstaller.resources.dll8.8.dr, WebCompanionInstaller.resources.dll1.8.dr, ICSharpCode.SharpZipLib.dll.4.dr, WebCompanionInstaller.resources.dll3.8.dr, Newtonsoft.Json.dll.8.dr, WebCompanionExtensionIE.dll.8.drString found in binary or memory: http://crl.entrust.net/g2ca.crl0
            Source: svchost.exe, 00000009.00000002.3290602990.0000016CDD4D3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.ver)
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3289165158.0000000001719000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3289165158.0000000001710000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291091240.00000000017D5000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3292576714.0000000001588000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3346379483.00000000065E0000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3291520798.00000000013C5000.00000004.00000020.00020000.00000000.sdmp, FileZilla_3.67.1_win64_sponsored-setup.exe, Microsoft.mshtml.dll.8.dr, DCIService.exe0.8.dr, System.Data.SQLite.dll.8.dr, sav.dll0.8.dr, rpc.dll0.8.dr, Interop.Shell32.dll.8.dr, WebCompanion.resources.dll4.8.dr, WebCompanionInstaller.resources.dll8.8.dr, WebCompanionInstaller.resources.dll1.8.dr, ICSharpCode.SharpZipLib.dll.4.dr, WebCompanionInstaller.resources.dll3.8.dr, bddcihttp.dll0.8.drString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
            Source: WebCompanionInstaller.exe, 00000008.00000002.3289165158.0000000001719000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrusted
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3289165158.0000000001719000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3309998609.0000000005B8D000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3309998609.0000000005B00000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291091240.00000000017D5000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3289249077.0000000001526000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3288403645.0000000001158000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3339218992.0000000005BA7000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3292576714.0000000001580000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3346379483.00000000066C2000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3290456534.00000000011F8000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3291520798.00000000013C5000.00000004.00000020.00020000.00000000.sdmp, FileZilla_3.67.1_win64_sponsored-setup.exe, Microsoft.mshtml.dll.8.dr, DCIService.exe0.8.dr, System.Data.SQLite.dll.8.dr, sav.dll0.8.dr, rpc.dll0.8.dr, Interop.Shell32.dll.8.dr, WebCompanion.resources.dll4.8.drString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3289165158.0000000001719000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3292576714.0000000001588000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3291520798.00000000013C5000.00000004.00000020.00020000.00000000.sdmp, FileZilla_3.67.1_win64_sponsored-setup.exe, Microsoft.mshtml.dll.8.dr, DCIService.exe0.8.dr, System.Data.SQLite.dll.8.dr, sav.dll0.8.dr, rpc.dll0.8.dr, Interop.Shell32.dll.8.dr, WebCompanion.resources.dll4.8.dr, WebCompanionInstaller.resources.dll8.8.dr, WebCompanionInstaller.resources.dll1.8.dr, ICSharpCode.SharpZipLib.dll.4.dr, WebCompanionInstaller.resources.dll3.8.dr, bddcihttp.dll0.8.dr, Newtonsoft.Json.dll.8.dr, WebCompanionExtensionIE.dll.8.drString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
            Source: WebCompanionInstaller.exe, 00000008.00000002.3288220309.0000000001498000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en
            Source: WebCompanionInstaller.exe, 00000008.00000002.3288220309.00000000014D0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512/dk
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512/dk/p_sha1
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512/sct
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-sx/ws-trust/200512/AsymmetricKey
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-sx/ws-trust/200512/Nonce
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/SCT
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/SCT/Cancel
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/SCT/Renew
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/Issue
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/SCT
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/SCT/Cancel
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/SCT/Renew
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-tx/wsat/2006/06
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-tx/wsat/2006/06/Aborted
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-tx/wsat/2006/06/Commit
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-tx/wsat/2006/06/Committed
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-tx/wsat/2006/06/Completion
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-tx/wsat/2006/06/Durable2PC
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-tx/wsat/2006/06/Prepare
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-tx/wsat/2006/06/Prepared
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-tx/wsat/2006/06/ReadOnly
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-tx/wsat/2006/06/Replay
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-tx/wsat/2006/06/Rollback
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-tx/wsat/2006/06/Volatile2PC
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-tx/wsat/2006/06/fault
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-tx/wscoor/2006/06
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-tx/wscoor/2006/06/CreateCoordinationContext
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-tx/wscoor/2006/06/CreateCoordinationContextResponse
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-tx/wscoor/2006/06/Register
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-tx/wscoor/2006/06/RegisterResponse
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/ws-tx/wscoor/2006/06/fault
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#HexBinary
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Text
            Source: svchost.exe, 00000009.00000002.3291936857.0000016CDDD6E000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
            Source: svchost.exe, 00000009.00000003.1837240395.0000016CDDD6E000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000002.3291936857.0000016CDDD6E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsdCiph
            Source: svchost.exe, 00000009.00000003.1691787529.0000016CDDD55000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsdYBwk=
            Source: svchost.exe, 00000009.00000003.1692101681.0000016CDDD53000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsdcurity
            Source: svchost.exe, 00000009.00000003.1679517145.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsdl
            Source: svchost.exe, 00000009.00000003.1692101681.0000016CDDD53000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsdn
            Source: svchost.exe, 00000009.00000003.1679517145.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsdng
            Source: svchost.exe, 00000009.00000003.1691787529.0000016CDDD55000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsdt:RequestedU
            Source: svchost.exe, 00000009.00000003.1837291475.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsdurity
            Source: svchost.exe, 00000009.00000002.3291936857.0000016CDDD6E000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
            Source: svchost.exe, 00000009.00000003.1679517145.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd#sha
            Source: svchost.exe, 00000009.00000003.1704187826.0000016CDDD55000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd.xsd
            Source: svchost.exe, 00000009.00000003.1704187826.0000016CDDD55000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd/08/
            Source: svchost.exe, 00000009.00000003.1679517145.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd04/01
            Source: svchost.exe, 00000009.00000003.1704187826.0000016CDDD55000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd2004
            Source: svchost.exe, 00000009.00000003.1679517145.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd4/xml
            Source: svchost.exe, 00000009.00000003.1691787529.0000016CDDD55000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdAAAAAA
            Source: svchost.exe, 00000009.00000003.1691787529.0000016CDDD55000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdAAgsIyCyYk
            Source: svchost.exe, 00000009.00000003.1691787529.0000016CDDD55000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdaZYKx1To
            Source: svchost.exe, 00000009.00000003.1679517145.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsde:Se
            Source: svchost.exe, 00000009.00000003.1679517145.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdecuri
            Source: svchost.exe, 00000009.00000003.1692101681.0000016CDDD53000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdhema
            Source: svchost.exe, 00000009.00000003.1704572860.0000016CDDD53000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdis-
            Source: svchost.exe, 00000009.00000003.1837291475.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdis-2
            Source: svchost.exe, 00000009.00000003.1837291475.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdn
            Source: svchost.exe, 00000009.00000002.3291680994.0000016CDDD58000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1837291475.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdnLJoj
            Source: svchost.exe, 00000009.00000003.1704572860.0000016CDDD53000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdrit
            Source: svchost.exe, 00000009.00000003.1704187826.0000016CDDD55000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdrt/So
            Source: svchost.exe, 00000009.00000003.1692101681.0000016CDDD53000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdsis-2
            Source: svchost.exe, 00000009.00000003.1692101681.0000016CDDD53000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdsoa
            Source: svchost.exe, 00000009.00000003.1704572860.0000016CDDD53000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdsoap
            Source: svchost.exe, 00000009.00000002.3291345633.0000016CDDD00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdsser
            Source: svchost.exe, 00000009.00000003.1679517145.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdthm=
            Source: svchost.exe, 00000009.00000003.1692101681.0000016CDDD53000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdxml
            Source: svchost.exe, 00000009.00000003.1704310318.0000016CDDD0E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdxmlns
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentif
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3p~
            Source: svchost.exe, 00000009.00000002.3289660604.0000016CDD42B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/2004/XX/oasis-2004XX-wss-saml-token-profile-1.0#SAMLAssertionID
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#GSS_Kerberosv5_AP_REQ
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#GSS_Kerberosv5_AP_REQ1510
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#Kerberosv5APREQSHA1
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/oasis-wss-rel-token-profile-1.0.pdf#license
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKeySHA1
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000033.00000002.3360225784.00000000087A2000.00000002.00000001.01000000.0000003B.sdmp, WebCompanion.resources.dll4.8.drString found in binary or memory: http://em.lavasoft.com/subscribe/profile?f=21&amp;id=
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://ext.adaware.com/ss/new-tab-may.xpi
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://ext.adaware.com/ss/new-tab-may.xpi(FirefoxNtPostInstall2InstallFFRegistrySideload
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000038.00000002.3318646981.0000000005BF2000.00000002.00000001.01000000.00000027.sdmpString found in binary or memory: http://ext.adaware.com/ss/newtab-omni.xpi
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://extservice.adaware.com/extension5Inside
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000034C1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://flow.lavasoft.com
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.000000000397C000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003940000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003962000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000038E8000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003950000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.000000000396C000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003974000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003958000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003934000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000038CA000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003988000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000038DC000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000038F4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://flow.lavasoft.com$
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000034C1000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmp, WebCompanion.exe, 00000038.00000002.3322211980.00000000060E2000.00000002.00000001.01000000.00000029.sdmpString found in binary or memory: http://flow.lavasoft.com/v1/event-stat-wc
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.000000000397C000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003940000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003962000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000038E8000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003950000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003974000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003958000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003934000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000038CA000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003988000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000038DC000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000038F4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://flow.lavasoft.com/v1/event-stat-wc?Type=ProgressInstall&ProductID=wc
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.000000000397C000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003940000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003962000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000038E8000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003950000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.000000000396C000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003974000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000034C1000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003958000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003934000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000038CA000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003988000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000038DC000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000038F4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://flow.lavasoft.com/v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmpString found in binary or memory: http://flow.lavasoft.com/v1/event-stat-wclhttp://staging-cloudflow.lavasoft.net/v1/event-stat-wc
            Source: DCIService.exe, 00000025.00000002.3292995652.00007FFBAAE5D000.00000002.00000001.01000000.00000019.sdmp, bddcihttp.dll0.8.drString found in binary or memory: http://html4/loose.dtd
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://in.adaware.com/wc/extension_install.php?exiturl=aHR0cDovL3d3dy53ZWJjb21wYW5pb24uY29t&utm_camp
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://in.adaware.com/wc/extension_install.php?exiturl=aHR0cDovL3dlYmNvbXBhbmlvbi5jb20vaW5zdGFsbC5wa
            Source: WebCompanionInstaller.exe, 00000008.00000002.3325261328.0000000007C42000.00000002.00000001.01000000.00000012.sdmp, Newtonsoft.Json.dll.8.drString found in binary or memory: http://james.newtonking.com/projects/json
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmp, WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://lavasoft.com/GetCountryISO2ByNameT
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmp, WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://lavasoft.com/GetCountryNameByISO2T
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmp, WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://lavasoft.com/GetIpLocationT
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmp, WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://lavasoft.com/GetIpLocation_2_0T
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmp, WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://lavasoft.com/GetLocationT
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmp, WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://lavasoft.com/T
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://lavasoft.com?utm_source=wc&utm_medium=wc&utm_campaign=wcIhttp://webcompanion.com/version_logs
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3305078642.000000001AF52000.00000002.00000001.01000000.00000026.sdmpString found in binary or memory: http://logging.apache.org/log4net/release/faq.html#trouble-EventLog
            Source: FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000000.1419760333.000000000040A000.00000008.00000001.01000000.00000003.sdmp, FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2152049333.000000000040A000.00000004.00000001.01000000.00000003.sdmpString found in binary or memory: http://nsis.sf.net/NSIS_ErrorError
            Source: WebCompanionInstaller.exe, 00000008.00000002.3289165158.0000000001719000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.c
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3289165158.0000000001719000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3289165158.0000000001710000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291091240.00000000017D5000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3291520798.00000000013C5000.00000004.00000020.00020000.00000000.sdmp, FileZilla_3.67.1_win64_sponsored-setup.exe, Microsoft.mshtml.dll.8.dr, DCIService.exe0.8.dr, System.Data.SQLite.dll.8.dr, sav.dll0.8.dr, rpc.dll0.8.dr, Interop.Shell32.dll.8.dr, WebCompanion.resources.dll4.8.dr, WebCompanionInstaller.resources.dll8.8.dr, WebCompanionInstaller.resources.dll1.8.dr, ICSharpCode.SharpZipLib.dll.4.dr, WebCompanionInstaller.resources.dll3.8.dr, bddcihttp.dll0.8.dr, Newtonsoft.Json.dll.8.dr, WebCompanionExtensionIE.dll.8.drString found in binary or memory: http://ocsp.digicert.com0A
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3289165158.0000000001719000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3289165158.0000000001710000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291091240.00000000017D5000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3292576714.0000000001588000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3346379483.00000000065E0000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3291520798.00000000013C5000.00000004.00000020.00020000.00000000.sdmp, FileZilla_3.67.1_win64_sponsored-setup.exe, Microsoft.mshtml.dll.8.dr, DCIService.exe0.8.dr, System.Data.SQLite.dll.8.dr, sav.dll0.8.dr, rpc.dll0.8.dr, Interop.Shell32.dll.8.dr, WebCompanion.resources.dll4.8.dr, WebCompanionInstaller.resources.dll8.8.dr, WebCompanionInstaller.resources.dll1.8.dr, ICSharpCode.SharpZipLib.dll.4.dr, WebCompanionInstaller.resources.dll3.8.dr, bddcihttp.dll0.8.drString found in binary or memory: http://ocsp.digicert.com0C
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3289165158.0000000001719000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3309998609.0000000005B8D000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3289165158.0000000001710000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3309998609.0000000005B00000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291091240.00000000017D5000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3289249077.0000000001526000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3292576714.0000000001588000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3288403645.0000000001158000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3339218992.0000000005BA7000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3292576714.0000000001580000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3346379483.00000000066C2000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3290456534.00000000011F8000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3291520798.00000000013C5000.00000004.00000020.00020000.00000000.sdmp, FileZilla_3.67.1_win64_sponsored-setup.exe, Microsoft.mshtml.dll.8.dr, DCIService.exe0.8.dr, System.Data.SQLite.dll.8.dr, sav.dll0.8.dr, rpc.dll0.8.drString found in binary or memory: http://ocsp.digicert.com0X
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3289249077.000000000156D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.entrust.net
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3364273388.00000000099BF000.00000004.00000020.00020000.00000000.sdmp, Microsoft.mshtml.dll.8.dr, DCIService.exe0.8.dr, System.Data.SQLite.dll.8.dr, Interop.Shell32.dll.8.dr, WebCompanion.resources.dll4.8.dr, WebCompanionInstaller.resources.dll8.8.dr, WebCompanionInstaller.resources.dll1.8.dr, ICSharpCode.SharpZipLib.dll.4.dr, WebCompanionInstaller.resources.dll3.8.dr, Newtonsoft.Json.dll.8.dr, WebCompanionExtensionIE.dll.8.drString found in binary or memory: http://ocsp.entrust.net00
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3364273388.00000000099BF000.00000004.00000020.00020000.00000000.sdmp, Microsoft.mshtml.dll.8.dr, DCIService.exe0.8.dr, System.Data.SQLite.dll.8.dr, Interop.Shell32.dll.8.dr, WebCompanion.resources.dll4.8.dr, WebCompanionInstaller.resources.dll8.8.dr, WebCompanionInstaller.resources.dll1.8.dr, ICSharpCode.SharpZipLib.dll.4.dr, WebCompanionInstaller.resources.dll3.8.dr, Newtonsoft.Json.dll.8.dr, WebCompanionExtensionIE.dll.8.drString found in binary or memory: http://ocsp.entrust.net01
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3309998609.0000000005BA8000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3314539016.0000000005D60000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3309998609.0000000005B00000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3307195784.000000001B282000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3307195784.000000001B2B6000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3289249077.0000000001526000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3289249077.00000000015A7000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3288403645.0000000001158000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3339218992.0000000005B0C000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3290456534.00000000011F8000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3290456534.0000000001289000.00000004.00000020.00020000.00000000.sdmp, Microsoft.mshtml.dll.8.dr, DCIService.exe0.8.dr, System.Data.SQLite.dll.8.dr, Interop.Shell32.dll.8.dr, WebCompanion.resources.dll4.8.dr, WebCompanionInstaller.resources.dll8.8.dr, WebCompanionInstaller.resources.dll1.8.dr, ICSharpCode.SharpZipLib.dll.4.drString found in binary or memory: http://ocsp.entrust.net02
            Source: svchost.exe, 00000009.00000002.3292497523.0000016CDE46A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://passport.net/tb
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003546000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://pp.webcompanion.com/unsafe.php?utm_source=WC
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://rt.webcompanion.com/notifications/download/rt/Waterfoxsetup.exe
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmpString found in binary or memory: http://rt.webcompanion.com/notifications/download/rt/typolist.txt5Creating
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000034E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.datacontract.org/2004/07/H
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: http://schemas.datacontract.org/2004/07/SearchProtect.WcfService
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://schemas.datacontract.org/2004/07/SearchProtect.WcfService6
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000034E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.datacontract.org/2004/07/WebCompanionInstaller.UpdateService
            Source: svchost.exe, 00000009.00000002.3291345633.0000016CDDD00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://schemas.mi
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/2005/02/trust/spnego#GSS_Wrap
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/2005/02/trust/tlsnego#TLS_Wrap
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003471000.00000004.00000800.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002453000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3293841549.0000000003241000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.00000000031D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/soap/actor/next
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003471000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3293841549.0000000003241000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/soap/encoding/dSNk
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000034E8000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003471000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003546000.00000004.00000800.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002453000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3293841549.0000000003241000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.00000000031D1000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.0000000003649000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/soap/envelope/
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003546000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/soap/envelope/H7n
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2002/12/policy
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/04/sc
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/04/security/sc/dk
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/04/security/sc/sct
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/04/security/trust/CK/PSHA1
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/04/security/trust/Nonce
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/Issue
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/SCT
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/Issue
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/SCT
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/04/security/trust/SymmetricKey
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/04/trust
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/04/trust/PublicKey
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/04/trust/SymmetricKey
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/06/addressingex
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003471000.00000004.00000800.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002453000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3293841549.0000000003241000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.00000000031D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/08/addressing
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003471000.00000004.00000800.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002453000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3293841549.0000000003241000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.00000000031D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/08/addressing/fault
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003471000.00000004.00000800.00020000.00000000.sdmp, svchost.exe, 00000009.00000002.3291518324.0000016CDDD37000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002453000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3293841549.0000000003241000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.00000000031D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
            Source: svchost.exe, 00000009.00000002.3291404393.0000016CDDD13000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000002.3291835436.0000016CDDD5F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000002.3291518324.0000016CDDD37000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1704572860.0000016CDDD53000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1678970512.0000016CDDD55000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002453000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/09/policy
            Source: svchost.exe, 00000009.00000003.1837240395.0000016CDDD6E000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000002.3291936857.0000016CDDD6E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/09/policy=80601
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wsat
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wsat/Aborted
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wsat/Commit
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wsat/Committed
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wsat/Completion
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wsat/Durable2PC
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wsat/Prepare
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wsat/Prepared
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wsat/ReadOnly
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wsat/Replay
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wsat/Rollback
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wsat/Volatile2PC
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wsat/fault
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wscoor
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wscoor/CreateCoordinationContext
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wscoor/CreateCoordinationContextResponse
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wscoor/Register
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wscoor/RegisterResponse
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wscoor/fault
            Source: svchost.exe, 00000009.00000002.3291404393.0000016CDDD13000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000002.3291835436.0000016CDDD5F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000002.3291518324.0000016CDDD37000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/sc
            Source: svchost.exe, 00000009.00000003.1837240395.0000016CDDD6E000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000002.3291936857.0000016CDDD6E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/sc(
            Source: svchost.exe, 00000009.00000002.3291835436.0000016CDDD5F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/sc-mgf1p
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/sc/dk
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/sc/dk/p_sha1
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/sc/sct
            Source: svchost.exe, 00000009.00000002.3291404393.0000016CDDD13000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000002.3291835436.0000016CDDD5F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000002.3291518324.0000016CDDD37000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1678970512.0000016CDDD55000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust#BinarySecret
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/CK/PSHA1
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/Cancel
            Source: svchost.exe, 00000009.00000003.1704633175.0000016CDDD59000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1824936816.0000016CDDD58000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1824936816.0000016CDDD54000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1692711674.0000016CDDD55000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1692786985.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/Issue
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/Nonce
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/PublicKey
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Renew
            Source: svchost.exe, 00000009.00000003.1837240395.0000016CDDD6E000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000002.3291936857.0000016CDDD6E000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Cancel
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Renew
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/Renew
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/SymmetricKey
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/spnego
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/tlsnego
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002606000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/spn
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002606000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/right/possessproperty
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2006/02/addressingidentity
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmpString found in binary or memory: http://sdl.adaware.com/?bundleid=WCUN001&savename=WCUN001.exe
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://sdl.adaware.com/cdn/NewBrowserExtensionInstaller.exe
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://securedsearch.lavasoft.com
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000034C1000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmp, WebCompanion.exe, 00000038.00000002.3322211980.00000000060E2000.00000002.00000001.01000000.00000029.sdmpString found in binary or memory: http://staging-cloudflow.lavasoft.net/v1/event-stat-wc
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000034E8000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003471000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003546000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000033.00000002.3293841549.0000000003241000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3359376849.0000000008623000.00000004.08000000.00040000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.00000000031D1000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.0000000003649000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3305362152.00000000044A0000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3342275998.0000000008090000.00000004.08000000.00040000.00000000.sdmpString found in binary or memory: http://tempuri.org/
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmp, WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://tempuri.org/$
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003471000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3293841549.0000000003241000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tempuri.org/:WebHttpBinding
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://tempuri.org/AddT
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmpString found in binary or memory: http://tempuri.org/GetComponentsInfoByProductT
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmp, WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://tempuri.org/GetComponentsInfoT
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000034E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tempuri.org/GetComponentsVersionInfo
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmp, WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://tempuri.org/GetComponentsVersionInfoT
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000034E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tempuri.org/GetProductInfo
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmpString found in binary or memory: http://tempuri.org/GetProductInfoT
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003471000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tempuri.org/ILocalyHostedServiceInstaller/GetDropDownValues
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003471000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tempuri.org/ILocalyHostedServiceInstaller/GetDropDownValuesResponse
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.00000000023F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.00000000023F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/CopyFiles
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.00000000023F6000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/CopyFilesResponse
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/CopyFilesT
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.00000000023F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/CreatUninstallInfo
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.00000000023F6000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/CreatUninstallInfoResponse
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/CreatUninstallInfoT
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.00000000023F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/GetCurrentHomePageIE
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.00000000023F6000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/GetCurrentHomePageIEResponse
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/GetCurrentHomePageIET
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.00000000023F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/GetCurrentSearchIE
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.00000000023F6000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/GetCurrentSearchIEResponse
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/GetCurrentSearchIET
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/ProcessRemoteFeatureResponse
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/ProcessRemoteFeatureT
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.00000000023F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/RunProcess
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.00000000023F6000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/RunProcessResponse
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/RunProcessT
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.00000000023F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/RunasAdmin
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.00000000023F6000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/RunasAdminResponse
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/RunasAdminT
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.00000000023F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/SetAutoRestoreSessionIE
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.00000000023F6000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/SetAutoRestoreSessionIEResponse
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/SetAutoRestoreSessionIET
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.00000000023F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/SetHomePageIE
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.00000000023F6000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/SetHomePageIEResponse
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/SetHomePageIET
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.00000000023F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/SetNewTabIE
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.00000000023F6000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/SetNewTabIEResponse
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/SetNewTabIET
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.00000000023F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/SetSearchEngineIE
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.00000000023F6000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/SetSearchEngineIEResponse
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/SetSearchEngineIET
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.00000000023F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/SilentUninstall
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.00000000023F6000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/SilentUninstallResponse
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/SilentUninstallT
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.00000000023F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/UpdateUninstallInfo
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.00000000023F6000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/UpdateUninstallInfoResponse
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpString found in binary or memory: http://tempuri.org/IWCAssistantService/UpdateUninstallInfoT
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://tempuri.org/SendEmailT
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://tempuri.org/SendFeedbackT
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://tempuri.org/SendWCFeedbackT
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmpString found in binary or memory: http://tempuri.org/SignZipInstallerByProductT
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmp, WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://tempuri.org/SignZipInstallerT
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003546000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://tempuri.org/T
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://tempuri.org/WcSendAutoResponseEmailT
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://upclick.com/GetCountryISO2ByNameT
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://upclick.com/GetCountryISO2T
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://upclick.com/GetCountryNameByISO2T
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://upclick.com/GetGeoInfoByHeadersT
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://upclick.com/GetGeoInfoByIpAddressT
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://upclick.com/GetGeoInfoByIpAddressesT
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://upclick.com/GetIpLocationT
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://upclick.com/GetLocationInfoT
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://upclick.com/T
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000034E8000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3293841549.0000000003241000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.00000000031D1000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.0000000003649000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://wc-update-service.lavasoft.com
            Source: WcInstaller.exe, 00000004.00000003.1651756526.00000000022FF000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3374359237.000000000E3AA000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.00000000034E8000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.000000000339D000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.0000000003649000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3290456534.000000000127E000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3290456534.00000000011F8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://wc-update-service.lavasoft.com/components.asmx
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000034E8000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3293841549.0000000003241000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.00000000031D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://wc-update-service.lavasoft.com/components.asmxH
            Source: WcInstaller.exe, 00000004.00000003.1651756526.00000000022FF000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000034E8000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3374359237.000000000E3AA000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3293841549.0000000003241000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.00000000034E8000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.00000000031D1000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.000000000339D000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.0000000003649000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3290456534.00000000011F8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://wc-update-service.lavasoft.com/update.asmx
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000034E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://wcdownloadercdn.lavasoft.com
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000034E8000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.00000000031D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://wcdownloadercdn.lavasoft.com/9.1.0.993/WebCompanion-9.1.0.993-prod.zip
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000034E8000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3293841549.0000000003241000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.00000000031D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://webcompanion.com
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://webcompanion.com/1http://www.lavasoft.com/Ghttp://webcompanion.com/unsafe?url=Qhttps://appdow
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000033.00000002.3293841549.0000000003241000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.00000000031D1000.00000004.00000800.00020000.00000000.sdmp, Frequently Asked Questions.url.41.drString found in binary or memory: http://webcompanion.com/faq
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://webcompanion.com/feedback?utm_source=wc&utm_medium=wc&utm_campaign=wcg/WebCompanion;component
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://webcompanion.com/ff_extension/ffLanguages.json
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://webcompanion.com/gw/gateway.php?pid=
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000033.00000002.3360225784.00000000087A2000.00000002.00000001.01000000.0000003B.sdmp, WebCompanion.resources.dll4.8.drString found in binary or memory: http://webcompanion.com/help
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://webcompanion.com/help#119Help
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000033.00000002.3360225784.00000000087A2000.00000002.00000001.01000000.0000003B.sdmpString found in binary or memory: http://webcompanion.com/images/email/hdr_main.png
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000033.00000002.3360225784.00000000087A2000.00000002.00000001.01000000.0000003B.sdmpString found in binary or memory: http://webcompanion.com/images/email/tw-icon.png
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000033.00000002.3360225784.00000000087A2000.00000002.00000001.01000000.0000003B.sdmpString found in binary or memory: http://webcompanion.com/images/email/wc-title-header.png
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://webcompanion.com/installed.php?extinstall=1
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000033.00000002.3360225784.00000000087A2000.00000002.00000001.01000000.0000003B.sdmpString found in binary or memory: http://webcompanion.com/mail-report-reply
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://webcompanion.com/mz/browser_download.php?partner=
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://webcompanion.com/notification?timestamp=
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://webcompanion.com/terms?http://webcompanion.com/privacy;RecoverSE
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmpString found in binary or memory: http://webcompanion.com/uninstall.php?utm_source=wc&utm_medium=
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://webcompanion.com/wc_onboarding_software_noab?lang=
            Source: WcInstaller.exe, 00000004.00000003.1651756526.00000000022FF000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3374359237.000000000E3AA000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.00000000034E8000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.000000000339D000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.0000000003649000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3290456534.00000000011F8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://wsgeoip.lavasoft.com/ipservice.asmx
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000034E8000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3293841549.0000000003241000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.00000000031D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://wsgeoip.lavasoft.com/ipservice.asmxH
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3305078642.000000001AF52000.00000002.00000001.01000000.00000026.sdmpString found in binary or memory: http://www.apache.org/).
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3305078642.000000001AF52000.00000002.00000001.01000000.00000026.sdmpString found in binary or memory: http://www.apache.org/licenses/
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000883000.00000002.00000001.01000000.00000025.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3305078642.000000001AF52000.00000002.00000001.01000000.00000026.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000883000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0Copyright
            Source: WebCompanion.exe, 00000029.00000000.2333873826.00000000009B4000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://www.codeproject.com/Articles/28093/Using-RoutedCommands-with-a-ViewModel-in-WPF
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3364273388.00000000099BF000.00000004.00000020.00020000.00000000.sdmp, Microsoft.mshtml.dll.8.dr, DCIService.exe0.8.dr, System.Data.SQLite.dll.8.dr, Interop.Shell32.dll.8.dr, WebCompanion.resources.dll4.8.dr, WebCompanionInstaller.resources.dll8.8.dr, WebCompanionInstaller.resources.dll1.8.dr, ICSharpCode.SharpZipLib.dll.4.dr, WebCompanionInstaller.resources.dll3.8.dr, Newtonsoft.Json.dll.8.dr, WebCompanionExtensionIE.dll.8.drString found in binary or memory: http://www.entrust.net/rpa0
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, Microsoft.mshtml.dll.8.dr, DCIService.exe0.8.dr, System.Data.SQLite.dll.8.dr, Interop.Shell32.dll.8.dr, WebCompanion.resources.dll4.8.dr, WebCompanionInstaller.resources.dll8.8.dr, WebCompanionInstaller.resources.dll1.8.dr, ICSharpCode.SharpZipLib.dll.4.dr, WebCompanionInstaller.resources.dll3.8.dr, Newtonsoft.Json.dll.8.dr, WebCompanionExtensionIE.dll.8.drString found in binary or memory: http://www.entrust.net/rpa03
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000038D2000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000033.00000002.3360225784.00000000087A2000.00000002.00000001.01000000.0000003B.sdmp, WebCompanion.resources.dll4.8.drString found in binary or memory: http://www.lavasoft.com
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000033.00000002.3360225784.00000000087A2000.00000002.00000001.01000000.0000003B.sdmp, WebCompanion.resources.dll4.8.drString found in binary or memory: http://www.lavasoft.com/mylavasoft/contact
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000033.00000002.3360225784.00000000087A2000.00000002.00000001.01000000.0000003B.sdmp, WebCompanion.resources.dll4.8.drString found in binary or memory: http://www.lavasoft.com/privacy_policy/
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: http://www.lavasoft.com/terms_of_use/Ohttp://www.lavasoft.com/privacy_policy/
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000033.00000002.3360225784.00000000087A2000.00000002.00000001.01000000.0000003B.sdmp, WebCompanion.resources.dll4.8.drString found in binary or memory: http://www.lavasoftsupport.com/index.php?/forum/191-web-companion/
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD476000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.w3.X
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmpString found in binary or memory: http://www.webcompanion.com
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmpString found in binary or memory: http://www.webcompanion.com/installerview/consent_2?culture=
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664814505.0000016CDDD4D000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://account.live.com/InlineSignup.aspx?iww=1&id=80502
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1665100750.0000016CDDD56000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664413515.0000016CDDD29000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664413515.0000016CDDD2C000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664814505.0000016CDDD4D000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664520852.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://account.live.com/Wizard/Password/Change?id=80601
            Source: svchost.exe, 00000009.00000003.1664413515.0000016CDDD29000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://account.live.com/inlinesignup.aspx?iww=1&amp;id=80600
            Source: svchost.exe, 00000009.00000003.1665100750.0000016CDDD56000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664413515.0000016CDDD29000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664520852.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://account.live.com/inlinesignup.aspx?iww=1&amp;id=80601
            Source: svchost.exe, 00000009.00000003.1665100750.0000016CDDD56000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664413515.0000016CDDD29000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664520852.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://account.live.com/inlinesignup.aspx?iww=1&amp;id=80603
            Source: svchost.exe, 00000009.00000003.1665100750.0000016CDDD56000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664413515.0000016CDDD29000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664520852.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://account.live.com/inlinesignup.aspx?iww=1&amp;id=80604
            Source: svchost.exe, 00000009.00000003.1665100750.0000016CDDD56000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664413515.0000016CDDD29000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664520852.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://account.live.com/inlinesignup.aspx?iww=1&amp;id=80605
            Source: svchost.exe, 00000009.00000003.1664814505.0000016CDDD4D000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://account.live.com/inlinesignup.aspx?iww=1&id=80600
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://account.live.com/inlinesignup.aspx?iww=1&id=80600e
            Source: svchost.exe, 00000009.00000003.1664814505.0000016CDDD4D000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://account.live.com/inlinesignup.aspx?iww=1&id=80601
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://account.live.com/inlinesignup.aspx?iww=1&id=80601l
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664814505.0000016CDDD4D000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://account.live.com/inlinesignup.aspx?iww=1&id=80603
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://account.live.com/inlinesignup.aspx?iww=1&id=80604
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://account.live.com/inlinesignup.aspx?iww=1&id=80605
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664927838.0000016CDDD40000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664907426.0000016CDDD57000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664413515.0000016CDDD29000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664876494.0000016CDDD3B000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664520852.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://account.live.com/msangcwam
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.000000000355C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://acs.lavasoft.com
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.000000000355C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://acs.lavasoft.com/api/v2/url/blacklist
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmpString found in binary or memory: https://acs.lavasoft.com/api/v2/url/blacklist7Creating
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.000000000355C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://acs.lavasoft.com/api/v2/url/blacklistH
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000035D7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://acs.lavasoft.com/api/v2/url/permanentwhitelist
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmpString found in binary or memory: https://acs.lavasoft.com/api/v2/url/permanentwhitelist7Creating
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.000000000355C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://acscdn.lavasoft.com
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.000000000355C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://acscdn.lavasoft.com/urlblacklist.json
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: https://adaware.com/ext/ie.php?pid=
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000033.00000002.3293841549.0000000003241000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.00000000031D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://adaware.com/ext/inline.php?pid=
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000033.00000002.3293841549.0000000003241000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.00000000031D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chrome.google.com/webstore/detail/adaware-secure-search/mcecnfofnfjclaifchnaodlamfjlofkp
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000033.00000002.3293841549.000000000368B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://clients2.google.com/service/update2/crx
            Source: DCIService.exe, 00000025.00000002.3291601212.00007FF66326A000.00000002.00000001.01000000.00000015.sdmp, DCIService.exe, 00000025.00000000.2258404445.00007FF66326A000.00000002.00000001.01000000.00000015.sdmp, DCIService.exe0.8.drString found in binary or memory: https://curl.se/docs/alt-svc.html
            Source: DCIService.exe, 00000025.00000002.3291601212.00007FF66326A000.00000002.00000001.01000000.00000015.sdmp, DCIService.exe, 00000025.00000000.2258404445.00007FF66326A000.00000002.00000001.01000000.00000015.sdmp, DCIService.exe0.8.drString found in binary or memory: https://curl.se/docs/http-cookies.html
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: https://ext.adaware.com/
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: https://ext.adaware.com//ts/
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: https://ext.adaware.com/ss/newtab-ext.xpi
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmp, WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: https://featureflags.lavasoft.com/api/Update/WC
            Source: FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2152551540.0000000000731000.00000004.00000020.00020000.00000000.sdmp, FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2153381222.0000000002746000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://filezilla-project.org/URLUpdateInfoHelpLinkPublisherTim
            Source: WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmp, WebCompanion.exe, 00000033.00000002.3293841549.000000000368B000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3322211980.00000000060E2000.00000002.00000001.01000000.00000029.sdmpString found in binary or memory: https://flow.lavasoft.com/v1/event-stat
            Source: svchost.exe, 00000009.00000002.3292286836.0000016CDE418000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664927838.0000016CDDD40000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664876494.0000016CDDD3B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ApproveSession.srf
            Source: svchost.exe, 00000009.00000003.1665100750.0000016CDDD56000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664413515.0000016CDDD29000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664520852.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/IfExists.srf?uiflavor=4&amp;id=80600
            Source: svchost.exe, 00000009.00000003.1665100750.0000016CDDD56000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664413515.0000016CDDD29000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664520852.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/IfExists.srf?uiflavor=4&amp;id=80601
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664981998.0000016CDDD6B000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/IfExists.srf?uiflavor=4&id=80502
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664981998.0000016CDDD6B000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/IfExists.srf?uiflavor=4&id=80600
            Source: svchost.exe, 00000009.00000003.1664413515.0000016CDDD2C000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664981998.0000016CDDD6B000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/IfExists.srf?uiflavor=4&id=80601
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/IfExists.srf?uiflavor=4&id=80601er
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664927838.0000016CDDD40000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664876494.0000016CDDD3B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ListSessions.srf
            Source: svchost.exe, 00000009.00000003.1664927838.0000016CDDD40000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664876494.0000016CDDD3B000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ManageApprover.srf
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ManageApprover.srfl
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664927838.0000016CDDD40000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664876494.0000016CDDD3B000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ManageLoginKeys.srf
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664927838.0000016CDDD40000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000002.3292286836.0000016CDE418000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664876494.0000016CDDD3B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/RST2.srf
            Source: svchost.exe, 00000009.00000002.3292925755.0000016CDE4AF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/RST2.srfA7826
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664927838.0000016CDDD40000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664876494.0000016CDDD3B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/didtou.srf
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664927838.0000016CDDD40000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664876494.0000016CDDD3B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/getrealminfo.srf
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664927838.0000016CDDD40000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664876494.0000016CDDD3B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/getuserrealm.srf
            Source: svchost.exe, 00000009.00000003.1665100750.0000016CDDD56000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsec
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664981998.0000016CDDD6B000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/DeviceAssociate.srf
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664981998.0000016CDDD6B000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/DeviceDisassociate.srf
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664927838.0000016CDDD40000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664876494.0000016CDDD3B000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/DeviceQuery.srf
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664981998.0000016CDDD6B000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/DeviceUpdate.srf
            Source: svchost.exe, 00000009.00000003.1664981998.0000016CDDD6B000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/EnumerateDevices.srf
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/EnumerateDevices.srfssuer
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664927838.0000016CDDD40000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664876494.0000016CDDD3B000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/GetAppData.srf
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/GetAppData.srfrfrf6085fid=cpsrf
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664981998.0000016CDDD6B000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/GetUserKeyData.srf
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664413515.0000016CDDD2C000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664981998.0000016CDDD6B000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/InlineClientAuth.srf
            Source: svchost.exe, 00000009.00000003.1665100750.0000016CDDD56000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664413515.0000016CDDD29000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664814505.0000016CDDD4D000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664520852.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/InlineConnect.srf?id=80600
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/InlineConnect.srf?id=80600UE
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1665100750.0000016CDDD56000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664413515.0000016CDDD29000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664814505.0000016CDDD4D000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664520852.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/InlineConnect.srf?id=80601
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1665100750.0000016CDDD56000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664413515.0000016CDDD29000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664814505.0000016CDDD4D000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/InlineConnect.srf?id=80603
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1665100750.0000016CDDD56000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664413515.0000016CDDD29000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664520852.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/InlineConnect.srf?id=80604
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664981998.0000016CDDD6B000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/InlineDesktop.srf
            Source: svchost.exe, 00000009.00000003.1664413515.0000016CDDD2C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/InlineDesktop.srfm
            Source: svchost.exe, 00000009.00000003.1664814505.0000016CDDD4D000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/InlineLogin.srf?id=80502
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/InlineLogin.srf?id=80502R
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664413515.0000016CDDD29000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/InlineLogin.srf?id=80600
            Source: svchost.exe, 00000009.00000003.1664814505.0000016CDDD4D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/InlineLogin.srf?id=806005
            Source: svchost.exe, 00000009.00000003.1665100750.0000016CDDD56000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664413515.0000016CDDD29000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664814505.0000016CDDD4D000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664520852.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/InlineLogin.srf?id=80601
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1665100750.0000016CDDD56000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664413515.0000016CDDD29000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664814505.0000016CDDD4D000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664520852.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/InlineLogin.srf?id=80603
            Source: svchost.exe, 00000009.00000003.1664520852.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/InlineLogin.srf?id=80604
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1665100750.0000016CDDD56000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664413515.0000016CDDD29000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664520852.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/InlineLogin.srf?id=80605
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1665100750.0000016CDDD56000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664413515.0000016CDDD29000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664520852.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/InlineLogin.srf?id=80606
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664413515.0000016CDDD29000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664520852.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/InlineLogin.srf?id=80607
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664907426.0000016CDDD57000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664413515.0000016CDDD29000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664520852.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/InlineLogin.srf?id=80608
            Source: svchost.exe, 00000009.00000003.1665100750.0000016CDDD56000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664413515.0000016CDDD29000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664520852.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/InlinePOPAuth.srf?id=80601&amp;fid=cp
            Source: svchost.exe, 00000009.00000003.1664485156.0000016CDDD5A000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664413515.0000016CDDD2C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/InlinePOPAuth.srf?id=80601&fid=cp
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/InlinePOPAuth.srf?id=80601&fid=cp8
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1665100750.0000016CDDD56000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664413515.0000016CDDD29000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664520852.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/InlinePOPAuth.srf?id=80605
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664927838.0000016CDDD40000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664876494.0000016CDDD3B000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/ResolveUser.srf
            Source: svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/SHA1Auth.srf
            Source: svchost.exe, 00000009.00000003.1846885385.0000016CDE4B0000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000002.3292957000.0000016CDE4B1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/SHA1Auth.srf3
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/SHA1Auth.srf4
            Source: svchost.exe, 00000009.00000002.3292286836.0000016CDE418000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/SHA1Auth.srfJ
            Source: svchost.exe, 00000009.00000003.1664927838.0000016CDDD40000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664876494.0000016CDDD3B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/SHA1Auth.srfrf
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/deviceaddcredential.srf
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664814505.0000016CDDD4D000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/devicechangecredential.srf
            Source: svchost.exe, 00000009.00000003.1664814505.0000016CDDD4D000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/deviceremovecredential.srf
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/ppsecure/deviceremovecredential.srfLive
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664927838.0000016CDDD40000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664876494.0000016CDDD3B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/resetpw.srf
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664927838.0000016CDDD40000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664876494.0000016CDDD3B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/retention.srf
            Source: svchost.exe, 00000009.00000002.3292818280.0000016CDE495000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000002.3290602990.0000016CDD4D3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com:443/RST2.srf
            Source: svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.microsoftonline.com/MSARST2.srf
            Source: svchost.exe, 00000009.00000003.1664927838.0000016CDDD40000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664876494.0000016CDDD3B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.microsoftonline.com/MSARST2.srf7
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664814505.0000016CDDD4D000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.microsoftonline.com/ppsecure/DeviceAssociate.srf
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.microsoftonline.com/ppsecure/DeviceAssociate.srfJ
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.microsoftonline.com/ppsecure/DeviceDisassociate.srf
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.microsoftonline.com/ppsecure/DeviceDisassociate.srf.
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664814505.0000016CDDD4D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.microsoftonline.com/ppsecure/DeviceQuery.srf
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.microsoftonline.com/ppsecure/DeviceQuery.srf-
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664814505.0000016CDDD4D000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.microsoftonline.com/ppsecure/DeviceUpdate.srf
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.microsoftonline.com/ppsecure/DeviceUpdate.srf%
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664814505.0000016CDDD4D000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.microsoftonline.com/ppsecure/EnumerateDevices.srf
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664814505.0000016CDDD4D000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664944675.0000016CDDD63000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.microsoftonline.com/ppsecure/ResolveUser.srf
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.microsoftonline.com/ppsecure/deviceaddmsacredential.srf
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.microsoftonline.com/ppsecure/devicechangecredential.srfen
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.microsoftonline.com/ppsecure/deviceremovecredential.srf
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: https://media.adaware.com/moviesextension/thankyou.php?partnerID=BT151101&sourceTraffic=WCU1908
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: https://media.adaware.com/waterfox/onboarding/?utm_source=WebCompanion&utm_medium=Notifications&utm_
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000038.00000002.3318646981.0000000005BF2000.00000002.00000001.01000000.00000027.sdmpString found in binary or memory: https://notiftrigger.adaware.com/notification-trigger-service/api/v1?partner=
            Source: FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2152551540.0000000000781000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://offers.filezilla-project.org/
            Source: FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2152551540.000000000076E000.00000004.00000020.00020000.00000000.sdmp, FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2154093341.0000000005480000.00000004.00000020.00020000.00000000.sdmp, FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2154093341.00000000054BC000.00000004.00000020.00020000.00000000.sdmp, FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2152551540.0000000000781000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://offers.filezilla-project.org/get.php?offer=2021a
            Source: FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2152551540.0000000000781000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://offers.filezilla-project.org/l
            Source: FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2152551540.00000000007D0000.00000004.00000020.00020000.00000000.sdmp, FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000003.1483959513.00000000007D3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://offers.filezilla-project.org/offer.php?v=1&c=2021a
            Source: FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2152551540.0000000000731000.00000004.00000020.00020000.00000000.sdmp, FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2153381222.0000000002746000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://offers.filezilla-project.org/offer.php?v=1&c=2021a/SILENTgetOK
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000034E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://rt.webcompanion.com
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1651756526.00000000022FF000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmpString found in binary or memory: https://rt.webcompanion.com/notifications/download/rt/dci/latest/Webprotection.zip
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000034E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://rt.webcompanion.com/notifications/download/rt/dci/latest/Webprotection.zipH
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000034E8000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmpString found in binary or memory: https://rt.webcompanion.com/notifications/download/rt/fallback/WebCompanion.zip
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: https://sdl.adaware.com/?bundleid=WCU001&savename=WCUpdater.exe
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: https://sdl.adaware.com/cdn/BrowserExtensionInstaller.exe
            Source: svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664927838.0000016CDDD40000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664413515.0000016CDDD2C000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664814505.0000016CDDD4D000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664876494.0000016CDDD3B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://signup.live.com/signup.aspx
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmp, WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: https://staging-featureflags-api.lavasoft.net/api/Update/WC
            Source: WcInstaller.exe, 00000004.00000003.1651756526.00000000022FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://staging-webcompanion.lavasoft.net/dci/3.0.1.9/Webprotection.zip
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000034E8000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmpString found in binary or memory: https://staging-webcompanion.lavasoft.net/dci/3.0.2.12/Webprotection.zip
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3305821810.000000001AF9C000.00000002.00000001.01000000.00000026.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3305078642.000000001AF52000.00000002.00000001.01000000.00000026.sdmpString found in binary or memory: https://svn.apache.org/repos/asf/logging/log4net/tags/1.2.13RC3
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000033.00000002.3360225784.00000000087A2000.00000002.00000001.01000000.0000003B.sdmpString found in binary or memory: https://twitter.com/lavasoft
            Source: WcInstaller.exe, 00000004.00000003.1651756526.00000000022FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://wcdownloader-qa.lavasoft.com/9.1.0.993/WebCompanion-9.1.0.993-internal.zip
            Source: WcInstaller.exe, 00000004.00000003.1651756526.00000000022FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://wcdownloader-qa.lavasoft.com/9.1.0.993/WebCompanionInstaller-9.1.0.993-internal.exe
            Source: WcInstaller.exe, 00000004.00000003.1651756526.00000000022FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://wcdownloadercdn.lavasoft.com/9.1.0.993/WebCompanionInstaller-9.1.0.993-prod.exe
            Source: FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2154093341.0000000005480000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://webcompanion.com/
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: https://webcompanion.com/ab/index.php?partnerId=
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: https://webcompanion.com/download_extensions.php?partnerID=
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000033.00000002.3293841549.0000000003241000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://webcompanion.com/en/
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmp, WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: https://webcompanion.com/en/help.php
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmpString found in binary or memory: https://webcompanion.com/nano_download.php?partner=AG160601&Silent&SkipAg&homepage=12&search=2cCheck
            Source: FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2152551540.000000000076E000.00000004.00000020.00020000.00000000.sdmp, FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2154093341.00000000054EB000.00000004.00000020.00020000.00000000.sdmp, FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2154093341.00000000054C0000.00000004.00000020.00020000.00000000.sdmp, FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2154093341.0000000005480000.00000004.00000020.00020000.00000000.sdmp, FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2154093341.00000000054BC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://webcompanion.com/nano_download.php?partner=FZ210427
            Source: FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2154093341.0000000005480000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://webcompanion.com/nano_download.php?partner=FZ2104274
            Source: FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2154093341.0000000005480000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://webcompanion.com/nano_download.php?partner=FZ210427T
            Source: FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2154093341.00000000054C0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://webcompanion.com/nano_download.php?partner=FZ210427download.php?partner=FZ210427
            Source: FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000003.1483376182.00000000007F1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://webcompanion.com/privacy
            Source: FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000003.1483376182.00000000007F1000.00000004.00000020.00020000.00000000.sdmp, FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2152049333.000000000042F000.00000004.00000001.01000000.00000003.sdmpString found in binary or memory: https://webcompanion.com/terms
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: https://webcompanion.com/termsAhttps://webcompanion.com/privacy
            Source: WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003546000.00000004.00000800.00020000.00000000.sdmp, DCIService.exe, 00000025.00000002.3289476525.0000017140DE7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://webcompanion.com/unsafe.php?utm_source=WC
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmpString found in binary or memory: https://webcompanion.com/unsafe.php?utm_source=WCghttp://pp.webcompanion.com/unsafe.php?utm_source=W
            Source: DCIService.exe, 00000025.00000002.3289476525.0000017140DC0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://webcompanion.com/unsafe.php?utm_source=WCse.dll
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000033.00000002.3293841549.00000000035CD000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3293841549.000000000368B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://webcompanion.com/wp/index.php?partnerId=
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmp, WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: https://www.adaware.com/privacy-policy
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000033.00000002.3293841549.0000000003241000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.adaware.com/sites/default/files/installers/H2OAutoUpdate/WCU005.exe
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000033.00000002.3293841549.0000000003241000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.adaware.com/sites/default/files/installers/H2OAutoUpdate/WCU006_s.exe
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmp, WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: https://www.adaware.com/terms-of-use
            Source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3309998609.0000000005BA8000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3314539016.0000000005D60000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3309998609.0000000005B00000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3307195784.000000001B282000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3307195784.000000001B2B6000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3289249077.0000000001526000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3289249077.00000000015A7000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3288403645.0000000001158000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3339218992.0000000005B0C000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3290456534.00000000011F8000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3290456534.0000000001289000.00000004.00000020.00020000.00000000.sdmp, Microsoft.mshtml.dll.8.dr, DCIService.exe0.8.dr, System.Data.SQLite.dll.8.dr, Interop.Shell32.dll.8.dr, WebCompanion.resources.dll4.8.dr, WebCompanionInstaller.resources.dll8.8.dr, WebCompanionInstaller.resources.dll1.8.dr, ICSharpCode.SharpZipLib.dll.4.drString found in binary or memory: https://www.entrust.net/rpa0
            Source: DCIService.exe, 00000025.00000002.3291601212.00007FF66326A000.00000002.00000001.01000000.00000015.sdmp, DCIService.exe, 00000025.00000000.2258404445.00007FF66326A000.00000002.00000001.01000000.00000015.sdmp, DCIService.exe0.8.drString found in binary or memory: https://www.google.comDCISafetyPageDCIEnabledDCILearningDCIDefAcceptDCILearnTimeoutDCINotifyTimeoutN
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: https://www.waterfoxproject.org/en-US/about/legal/terms/waterfox/
            Source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpString found in binary or memory: https://www.waterfoxproject.org/en-US/privacy
            Source: unknownNetwork traffic detected: HTTP traffic on port 49708 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
            Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
            Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
            Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
            Source: unknownNetwork traffic detected: HTTP traffic on port 49707 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
            Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
            Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
            Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
            Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
            Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
            Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
            Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
            Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49708
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49707
            Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
            Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
            Source: unknownHTTPS traffic detected: 49.12.121.47:443 -> 192.168.2.8:49707 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.19.208.152:443 -> 192.168.2.8:49709 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.19.159.224:443 -> 192.168.2.8:49729 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.16.149.130:443 -> 192.168.2.8:49735 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.16.149.130:443 -> 192.168.2.8:49736 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.16.149.130:443 -> 192.168.2.8:49741 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.16.149.130:443 -> 192.168.2.8:49753 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.16.149.130:443 -> 192.168.2.8:49770 version: TLS 1.2
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeFile created: C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\026A86A161D256DBB33076EDF20C0E5E_86AB612B21DEDF3B8CD155ED2E4114FFJump to dropped file
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeFile created: C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\AF360AACB1570042DEFBC833317997D0_684EE07DA693FF51901FCCD35B88A7C0Jump to dropped file
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeFile created: C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A37B8BA80004D3266CB4D93B2052DC10_EBDB5A7037F08CDFB408DBFC0D44B43DJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bddci.catJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bddci.catJump to dropped file

            Spam, unwanted Advertisements and Ransom Demands

            barindex
            Writes a notice file (html or txt) to demand a ransom
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile dropped: C:\Users\user\AppData\Roaming\Lavasoft\Web Companion\bllist.txt -> encryptedconnection.net,mncig.org,valvol.xyz,summonerswarskyarenaguides.com,readonlinefreebook.com,vestbooks.website,bg4nxu2u5t.com,sgkaa.com,bt4gprx.com,wwgnpwus.top,hypnosisdampers.shop,llama2.space,mp3king.cc,freesofthere.com,d2ze9scn6abmic.cloudfront.net,steam-gift.com,soap2day.ph,milligestion.fr,stecmcommunnity.com,air-evasion.fr,xn--80akoaetjlq5g.xn--p1ai,ssoapgate.com,rojatv.tv,9ut1.shop,mstatik.com,harjjshit.xyz,movierulzfree.co,boldnarrow.com,portlstrou.ru,acache32.com,gotta.gleeze.com,funnycamss.cc,streamcomplet.top,123-movies.boats,yourbrowser.cc,cumtube.xyz,simem.co,xn--90aqok.xn--p1ai,ffcrystals.club,cafinancialmatters.com,powvideo.net,dmovie.fun,amavoideric.com,onlinefotoshop.ru,spiritstore.co.uk,putlocker.onl,fullmatchtv.com,digi-tcg.online,k1a5p4c6h2a9r7g3e.com,cracksoftwareguru.com,latestcache.com,tradingnano.com,qawsedrftgyhujik66.shop,unblocktorrent.com,slmcdn18.shop,blcdccdn20.shop,hlsvideocdn180.shop,yify2.com,slmcdnseriea34.shop,katespadecanadaonline.ca,katespadeoutletscanada.ca,grauglakJump to dropped file

            System Summary

            barindex
            Detected potential unwanted application
            Source: FileZilla_3.67.1_win64_sponsored-setup.exePE Siganture Subject Chain: CN=Tim Kosse, O=Tim Kosse, S=Nordrhein-Westfalen, C=DE
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bddci.sysJump to behavior
            Source: C:\Windows\System32\rundll32.exeFile created: C:\Windows\system32\DRIVERS\SET9770.tmp
            Source: C:\Windows\System32\rundll32.exeFile created: C:\Windows\system32\DRIVERS\SET9770.tmp
            Source: C:\Windows\System32\rundll32.exeFile created: C:\Windows\system32\DRIVERS\SET9770.tmp
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeFile created: C:\Windows\assembly\Desktop.ini
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeFile created: C:\Windows\Microsoft.NET\Framework\v2.0.50727\config\security.config.cch.new
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeFile created: C:\Windows\Microsoft.NET\Framework\v2.0.50727\config\enterprisesec.config.cch.new
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeFile created: C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A37B8BA80004D3266CB4D93B2052DC10_EBDB5A7037F08CDFB408DBFC0D44B43D
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeFile created: C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A37B8BA80004D3266CB4D93B2052DC10_EBDB5A7037F08CDFB408DBFC0D44B43D
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeFile created: C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\026A86A161D256DBB33076EDF20C0E5E_86AB612B21DEDF3B8CD155ED2E4114FF
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeFile created: C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\026A86A161D256DBB33076EDF20C0E5E_86AB612B21DEDF3B8CD155ED2E4114FF
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeFile created: C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\AF360AACB1570042DEFBC833317997D0_684EE07DA693FF51901FCCD35B88A7C0
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeFile created: C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\AF360AACB1570042DEFBC833317997D0_684EE07DA693FF51901FCCD35B88A7C0
            Source: C:\Windows\System32\netsh.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\PeerDistRepub
            Source: C:\Windows\System32\rundll32.exeFile deleted: C:\Windows\System32\drivers\SET9770.tmp
            Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 2168 -ip 2168
            Source: api-ms-win-core-datetime-l1-1-0.dll.8.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-errorhandling-l1-1-0.dll.8.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-file-l1-1-0.dll.8.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-console-l1-1-0.dll.8.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-file-l1-2-0.dll.8.drStatic PE information: No import functions for PE file found
            Source: api-ms-win-core-debug-l1-1-0.dll.8.drStatic PE information: No import functions for PE file found
            Source: FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2152328511.000000000046A000.00000002.00000001.01000000.00000003.sdmpBinary or memory string: OriginalFilenameFileZilla_3.67.1_win32-setup.exe4 vs FileZilla_3.67.1_win64_sponsored-setup.exe
            Source: FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2152049333.000000000040A000.00000004.00000001.01000000.00000003.sdmpBinary or memory string: OriginalFilenameinetc.dllF vs FileZilla_3.67.1_win64_sponsored-setup.exe
            Source: FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2153381222.0000000002746000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameinetc.dllF vs FileZilla_3.67.1_win64_sponsored-setup.exe
            Source: FileZilla_3.67.1_win64_sponsored-setup.exeBinary or memory string: OriginalFilenameFileZilla_3.67.1_win32-setup.exe4 vs FileZilla_3.67.1_win64_sponsored-setup.exe
            Source: FileZilla_3.67.1_win64_sponsored-setup.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
            Source: ICSharpCode.SharpZipLib.dll.4.dr, InflaterInputBuffer.csCryptographic APIs: 'TransformBlock'
            Source: ICSharpCode.SharpZipLib.dll.4.dr, DeflaterOutputStream.csCryptographic APIs: 'TransformBlock'
            Source: ICSharpCode.SharpZipLib.dll.4.dr, ZipAESTransform.csCryptographic APIs: 'TransformBlock'
            Source: bddcihttp.dll0.8.drBinary string: AddRemoteIpExclusion ipAddress is NULL[BDDCIHTTP] :: CHttpProxy::AddRemoteIpExclusion() - AddRemoteIpExclusion ipversion {} is invalidAddRemoteIpExclusion '{}' ret {}RemoveRemoteIpExclusion ipAddress is NULL[BDDCIHTTP] :: CHttpProxy::RemoveRemoteIpExclusion() - RemoveRemoteIpExclusion ipversion {} is invalidRemoveRemoteIpExclusion '{}' ret {}ClearRemoteIpExclusions ret {}[BDDCIHTTP] :: CHttpProxy::ClearRemoteIpExclusions() - ClearRemoteIpExclusions successful[BDDCIHTTP] :: BddciManager::Init <- [BDDCIHTTP] :: BddciManager::Init -> bddci_core.dllerror loading bddci_core.dll {}[BDDCIHTTP] :: BddciManager::Init() - GetDllInterfaceerror getting 'GetDllInterface' function {} ReleaseDllInterfaceerror getting 'ReleaseDllInterface' function {}error call 'GetDllInterface' : 0x{:x} ; version = {}[BDDCIHTTP] :: BddciManager::Uninit <- [BDDCIHTTP] :: BddciManager::Uninit -> [bddci] manager not initialized[BDDCIHTTP] :: BddciManager::AddSkipPid() - [bddci] AddSkipProcessByPid failed for pid {} : 0x{:#x}[BDDCIHTTP] :: BddciManager::RemoveSkipPid() - [bddci] RemoveSkipProcessByPid failed for pid {}: 0x{:#x}[BDDCIHTTP] :: BddciManager::AddSkipPath() - [bddci] AddSkipDirPath failed for path {} : 0x{:#x}[BDDCIHTTP] :: BddciManager::RemoveSkipPath() - [bddci] RemoveDirectoryPathDynamicCondition failed for path {} : 0x{:#x}[BDDCIHTTP] :: BddciManager::AddSkipIp() - [bddci] AddSkipIp failed for ip {} : 0x{:#x}[bddci] AddSkipIp successful for ip {}[bddci] AddSkipIp failed for ip {} which is not valid[BDDCIHTTP] :: BddciManager::RemoveSkipIp() - [bddci] RemoveSkipIp failed for ip {} : 0x{:#x}[bddci] RemoveSkipIp successful for ip {}[bddci] RemoveSkipIp failed for ip {} which is not validAdding preconditions failed[BDDCIHTTP] :: BddciProxy::Init() - Init OKerror call 'AddGenericEventsListener' : 0x{:#x}Proxy not registered yet[BDDCIHTTP] :: BddciProxy::Enable() - [BDDCIHTTP] :: BddciProxy::Disable() - CRITICAL: never return a null ptr from new connection callback[BDDCIHTTP] :: BddciProxy::ConnectionEstablished() - Error getting path: {}[BDDCIHTTP] :: BddciProxy::_AddPreconditions() - \Device\BddciProxy::AddApplicationPathPreCondition with [path {}] [err 0x{:#x}] {}BddciProxy::AddApplicationPathPreCondition with [path %s] [err 0x%x] %sBddciProxy::AddApplicationPathPreCondition can't have folder paths only files : [path {}] (continuable)BddciProxy::AddApplicationPathPreCondition with [path {}] [err {:#x}] {} (continuable)BddciProxy::AddRemotePortRangePreCondition with [start {}] [end {}] [err 0x{:#x}] {}[BDDCIHTTP] :: BddciProxy::_AddPortRange() - [BDDCIHTTP] :: BddciProxy::_RegisterProxy <- [BDDCIHTTP] :: BddciProxy::_RegisterProxy -> Proxy Register FAILED [code 0x%x][BDDCIHTTP] :: BddciProxy::_RegisterProxy() - Proxy Register OK [code 0x%x]OnReady FAILED [code 0x%x][BDDCIHTTP] :: BddciProxy::_UnregisterProxy <- [BDDCIHTTP] :: BddciProxy::_UnregisterProxy -> [BDDCIHTTP] :: BddciProxy::EngineStateIsRunning <- [BDDCIHTTP] :: BddciProxy::EngineStateIsRunning -> InsertData
            Source: classification engineClassification label: mal48.rans.phis.troj.spyw.expl.evad.winEXE@81/373@18/7
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\LavasoftJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\WcInstaller[1].exeJump to behavior
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6800:120:WilError_03
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6896:120:WilError_03
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6588:120:WilError_03
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeMutant created: NULL
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeMutant created: \BaseNamedObjects\Global\.net clr networking
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeMutant created: \BaseNamedObjects\Global\servicemodelservice 3.0.0.0
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3404:120:WilError_03
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4280:120:WilError_03
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:568:120:WilError_03
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeMutant created: \Sessions\1\BaseNamedObjects\Global\.net clr networking
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6148:120:WilError_03
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3020:120:WilError_03
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeMutant created: \Sessions\1\BaseNamedObjects\AdAwareWebCompanionuser
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4156:120:WilError_03
            Source: C:\Windows\System32\conhost.exeMutant created: \BaseNamedObjects\Local\SM0:1532:120:WilError_03
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5248:120:WilError_03
            Source: C:\Windows\SysWOW64\WerFault.exeMutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess2168
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeMutant created: \Sessions\1\BaseNamedObjects\Global\servicemodelservice 3.0.0.0
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeFile created: C:\Users\user\AppData\Local\Temp\nsmA242.tmpJump to behavior
            Source: FileZilla_3.67.1_win64_sponsored-setup.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeFile read: C:\Users\desktop.iniJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Windows\System32\rundll32.exe "C:\Windows\sysnative\RunDLL32.Exe" syssetup,SetupInfObjectInstallAction BootInstall 128 C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bddci.inf
            Source: WebCompanion.exe, 00000033.00000002.3397980922.0000000065B48000.00000002.00000001.01000000.0000003A.sdmpBinary or memory string: SELECT 'INSERT INTO vacuum_db.' || quote(name) || ' SELECT * FROM main.' || quote(name) || ';' FROM vacuum_db.sqlite_master WHERE name=='sqlite_sequence';
            Source: DCIService.exe, 00000025.00000002.3292995652.00007FFBAAE5D000.00000002.00000001.01000000.00000019.sdmp, WebCompanion.exe, 00000033.00000002.3397980922.0000000065B48000.00000002.00000001.01000000.0000003A.sdmp, bddcihttp.dll0.8.drBinary or memory string: INSERT INTO %Q.%s VALUES('index',%Q,%Q,#%d,%Q);
            Source: DCIService.exe, 00000025.00000002.3291601212.00007FF66326A000.00000002.00000001.01000000.00000015.sdmp, DCIService.exe, 00000025.00000000.2258404445.00007FF66326A000.00000002.00000001.01000000.00000015.sdmp, DCIService.exe0.8.drBinary or memory string: UPDATE %Q.sqlite_master SET tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqliteX_autoindex%%' ESCAPE 'X' AND type='index' THEN 'sqlite_autoindex_' || %Q || substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger');
            Source: WebCompanion.exe, 00000033.00000002.3397980922.0000000065B48000.00000002.00000001.01000000.0000003A.sdmpBinary or memory string: SELECT 'INSERT INTO vacuum_db.' || quote(name) || ' SELECT * FROM main.' || quote(name) || ';'FROM main.sqlite_master WHERE type = 'table' AND name!='sqlite_sequence' AND coalesce(rootpage,1)>0
            Source: DCIService.exe, 00000025.00000002.3291601212.00007FF66326A000.00000002.00000001.01000000.00000015.sdmp, DCIService.exe, 00000025.00000000.2258404445.00007FF66326A000.00000002.00000001.01000000.00000015.sdmp, DCIService.exe0.8.drBinary or memory string: CREATE TABLE IF NOT EXISTS applications_stats(Application TEXT, Total_safe INTEGER, Total_unsafe INTEGER); CREATE UNIQUE INDEX IF NOT EXISTS applications_stats_idx ON applications_stats(Application, Total_safe, Total_unsafe);
            Source: WebCompanion.exe, 00000033.00000002.3397980922.0000000065B48000.00000002.00000001.01000000.0000003A.sdmpBinary or memory string: CREATE TABLE "%w"."%w_node"(nodeno INTEGER PRIMARY KEY, data BLOB);CREATE TABLE "%w"."%w_rowid"(rowid INTEGER PRIMARY KEY, nodeno INTEGER);CREATE TABLE "%w"."%w_parent"(nodeno INTEGER PRIMARY KEY, parentnode INTEGER);INSERT INTO '%q'.'%q_node' VALUES(1, zeroblob(%d))
            Source: DCIService.exe, 00000025.00000002.3291601212.00007FF66326A000.00000002.00000001.01000000.00000015.sdmp, DCIService.exe, 00000025.00000000.2258404445.00007FF66326A000.00000002.00000001.01000000.00000015.sdmp, DCIService.exe0.8.drBinary or memory string: CREATE TABLE IF NOT EXISTS daily_stats(Date Date, Total_safe INTEGER, Total_unsafe INTEGER); CREATE UNIQUE INDEX IF NOT EXISTS daily_stats_idx ON daily_stats(Date, Total_safe, Total_unsafe);
            Source: WebCompanion.exe, 00000033.00000002.3397980922.0000000065B48000.00000002.00000001.01000000.0000003A.sdmpBinary or memory string: CREATE TABLE %Q.'%q_docsize'(docid INTEGER PRIMARY KEY, size BLOB);
            Source: WebCompanion.exe, 00000033.00000002.3397980922.0000000065B48000.00000002.00000001.01000000.0000003A.sdmpBinary or memory string: CREATE TABLE IF NOT EXISTS %Q.'%q_stat'(id INTEGER PRIMARY KEY, value BLOB);
            Source: WebCompanion.exe, 00000033.00000002.3397980922.0000000065B48000.00000002.00000001.01000000.0000003A.sdmpBinary or memory string: CREATE TABLE %Q.'%q_segdir'(level INTEGER,idx INTEGER,start_block INTEGER,leaves_end_block INTEGER,end_block INTEGER,root BLOB,PRIMARY KEY(level, idx));
            Source: DCIService.exe, 00000025.00000002.3291601212.00007FF66326A000.00000002.00000001.01000000.00000015.sdmp, DCIService.exe, 00000025.00000000.2258404445.00007FF66326A000.00000002.00000001.01000000.00000015.sdmp, DCIService.exe0.8.drBinary or memory string: CREATE TABLE IF NOT EXISTS bwl_stats(Date Date primary key, found_in_whitelist INTEGER, found_in_blacklist INTEGER, not_checked INTEGER); CREATE UNIQUE INDEX IF NOT EXISTS daily_stats_idx ON daily_stats(Date, found_in_blacklist, found_in_whitelist, not_checked);
            Source: DCIService.exe, 00000025.00000002.3292995652.00007FFBAAE5D000.00000002.00000001.01000000.00000019.sdmp, WebCompanion.exe, 00000033.00000002.3397980922.0000000065B48000.00000002.00000001.01000000.0000003A.sdmp, bddcihttp.dll0.8.drBinary or memory string: UPDATE "%w".%s SET sql = sqlite_rename_parent(sql, %Q, %Q) WHERE %s;
            Source: DCIService.exe, 00000025.00000002.3292995652.00007FFBAAE5D000.00000002.00000001.01000000.00000019.sdmp, WebCompanion.exe, 00000033.00000002.3397980922.0000000065B48000.00000002.00000001.01000000.0000003A.sdmp, bddcihttp.dll0.8.drBinary or memory string: UPDATE sqlite_temp_master SET sql = sqlite_rename_trigger(sql, %Q), tbl_name = %Q WHERE %s;
            Source: DCIService.exe, 00000025.00000002.3291601212.00007FF66326A000.00000002.00000001.01000000.00000015.sdmp, DCIService.exe, 00000025.00000000.2258404445.00007FF66326A000.00000002.00000001.01000000.00000015.sdmp, DCIService.exe0.8.drBinary or memory string: INSERT INTO %Q.sqlite_master VALUES('index',%Q,%Q,#%d,%Q);
            Source: DCIService.exe, 00000025.00000002.3291601212.00007FF66326A000.00000002.00000001.01000000.00000015.sdmp, DCIService.exe, 00000025.00000000.2258404445.00007FF66326A000.00000002.00000001.01000000.00000015.sdmp, DCIService.exe0.8.drBinary or memory string: CREATE TABLE IF NOT EXISTS total_capture(Total_sites INTEGER, Total_unsafe INTEGER, Total_typosquatted INTEGER); CREATE UNIQUE INDEX IF NOT EXISTS total_capture_idx ON total_capture(Total_sites, Total_unsafe, Total_typosquatted);
            Source: WebCompanion.exe, 00000033.00000002.3397980922.0000000065B48000.00000002.00000001.01000000.0000003A.sdmpBinary or memory string: CREATE TABLE %Q.'%q_segments'(blockid INTEGER PRIMARY KEY, block BLOB);
            Source: DCIService.exe, 00000025.00000002.3292995652.00007FFBAAE5D000.00000002.00000001.01000000.00000019.sdmp, WebCompanion.exe, 00000033.00000002.3397980922.0000000065B48000.00000002.00000001.01000000.0000003A.sdmp, bddcihttp.dll0.8.drBinary or memory string: UPDATE %Q.%s SET sql = CASE WHEN type = 'trigger' THEN sqlite_rename_trigger(sql, %Q)ELSE sqlite_rename_table(sql, %Q) END, tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqlite_autoindex%%' AND type='index' THEN 'sqlite_autoindex_' || %Q || substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger');
            Source: WebCompanion.exe, 00000033.00000002.3397980922.0000000065B48000.00000002.00000001.01000000.0000003A.sdmpBinary or memory string: SELECT 'DELETE FROM vacuum_db.' || quote(name) || ';' FROM vacuum_db.sqlite_master WHERE name='sqlite_sequence'
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeFile read: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeJump to behavior
            Source: unknownProcess created: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exe "C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exe"
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeProcess created: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exe "C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exe" --silent --partner=FZ210427 --searchenbl
            Source: unknownProcess created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k WerSvcGroup
            Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 2168 -ip 2168
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 2168 -s 2464
            Source: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exeProcess created: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe .\WebCompanionInstaller.exe --partner=FZ210427 --version=9.1.0.993 --silent --partner=FZ210427 --searchenbl
            Source: unknownProcess created: C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe -k netsvcs -p -s wlidsvc
            Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 532 -p 2168 -ip 2168
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 2168 -s 2596
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Windows\SysWOW64\sc.exe "sc.exe" Create "WCAssistantService" binPath= "C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe" DisplayName= "WC Assistant" start= auto
            Source: C:\Windows\SysWOW64\sc.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Windows\SysWOW64\sc.exe "sc.exe" failure WCAssistantService reset= 30 actions= restart/60000
            Source: C:\Windows\SysWOW64\sc.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Windows\SysWOW64\sc.exe "sc.exe" description "WCAssistantService" "Ad-Aware Web Companion Internet security service"
            Source: C:\Windows\SysWOW64\sc.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
            Source: unknownProcess created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k LocalService -p -s LicenseManager
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Windows\System32\rundll32.exe "C:\Windows\sysnative\RunDLL32.Exe" syssetup,SetupInfObjectInstallAction BootInstall 128 C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bddci.inf
            Source: C:\Windows\System32\rundll32.exeProcess created: C:\Windows\System32\runonce.exe "C:\Windows\system32\runonce.exe" -r
            Source: C:\Windows\System32\runonce.exeProcess created: C:\Windows\System32\grpconv.exe "C:\Windows\System32\grpconv.exe" -o
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Windows\System32\net.exe "C:\Windows\sysnative\net.exe" start bddci
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Windows\SysWOW64\sc.exe "sc.exe" Create "DCIService" binPath= "C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe" DisplayName= "DCIService" start= auto
            Source: C:\Windows\System32\net.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
            Source: C:\Windows\SysWOW64\sc.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
            Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 492 -p 2168 -ip 2168
            Source: C:\Windows\System32\net.exeProcess created: C:\Windows\System32\net1.exe C:\Windows\system32\net1 start bddci
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 2168 -s 1192
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Windows\SysWOW64\sc.exe "sc.exe" description "DCIService" "Webprotection Bridge service"
            Source: C:\Windows\SysWOW64\sc.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /C "C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bridge_start.cmd"
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\sc.exe sc start DCIService
            Source: unknownProcess created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe "C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe"
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /C netsh http add urlacl url=http://+:9007/ user=Everyone
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\netsh.exe netsh http add urlacl url=http://+:9007/ user=Everyone
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe "C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" --silent --install --geo= --searchenbl
            Source: unknownProcess created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe "C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe"
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /C netsh http add urlacl url=http://+:9007/ user=Everyone
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\netsh.exe netsh http add urlacl url=http://+:9007/ user=Everyone
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess created: C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe "C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\rrd1gvmr.cmdline"
            Source: C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
            Source: C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exeProcess created: C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\user\AppData\Local\Temp\RES29AE.tmp" "c:\Users\user\AppData\Local\Temp\CSC299E.tmp"
            Source: unknownProcess created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe "C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" --minimize
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess created: C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe "C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\i6uwqyh0.cmdline"
            Source: C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
            Source: C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exeProcess created: C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\user\AppData\Local\Temp\RES40C1.tmp" "c:\Users\user\AppData\Local\Temp\CSC40B0.tmp"
            Source: unknownProcess created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe "C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" --minimize
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeProcess created: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exe "C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exe" --silent --partner=FZ210427 --searchenblJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exeProcess created: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe .\WebCompanionInstaller.exe --partner=FZ210427 --version=9.1.0.993 --silent --partner=FZ210427 --searchenblJump to behavior
            Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 2168 -ip 2168Jump to behavior
            Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 2168 -s 2464Jump to behavior
            Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 532 -p 2168 -ip 2168Jump to behavior
            Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 2168 -s 2596Jump to behavior
            Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 492 -p 2168 -ip 2168Jump to behavior
            Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 2168 -s 1192Jump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess created: C:\Windows\System32\grpconv.exe "C:\Windows\System32\grpconv.exe" -oJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Windows\SysWOW64\sc.exe "sc.exe" Create "WCAssistantService" binPath= "C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe" DisplayName= "WC Assistant" start= autoJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Windows\SysWOW64\sc.exe "sc.exe" failure WCAssistantService reset= 30 actions= restart/60000Jump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Windows\SysWOW64\sc.exe "sc.exe" description "WCAssistantService" "Ad-Aware Web Companion Internet security service"Jump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Windows\System32\rundll32.exe "C:\Windows\sysnative\RunDLL32.Exe" syssetup,SetupInfObjectInstallAction BootInstall 128 C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bddci.infJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Windows\System32\net.exe "C:\Windows\sysnative\net.exe" start bddciJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1Jump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Windows\SysWOW64\sc.exe "sc.exe" description "DCIService" "Webprotection Bridge service"Jump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /C "C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bridge_start.cmd" Jump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /C netsh http add urlacl url=http://+:9007/ user=EveryoneJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe "C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" --silent --install --geo= --searchenbl Jump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess created: unknown unknown
            Source: C:\Windows\System32\rundll32.exeProcess created: C:\Windows\System32\runonce.exe "C:\Windows\system32\runonce.exe" -r
            Source: C:\Windows\System32\runonce.exeProcess created: C:\Windows\System32\grpconv.exe "C:\Windows\System32\grpconv.exe" -o
            Source: C:\Windows\System32\net.exeProcess created: C:\Windows\System32\net1.exe C:\Windows\system32\net1 start bddci
            Source: C:\Windows\SysWOW64\WerFault.exeProcess created: unknown unknown
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\sc.exe sc start DCIService
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\netsh.exe netsh http add urlacl url=http://+:9007/ user=Everyone
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess created: C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe "C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\rrd1gvmr.cmdline"
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /C netsh http add urlacl url=http://+:9007/ user=Everyone
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\netsh.exe netsh http add urlacl url=http://+:9007/ user=Everyone
            Source: C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exeProcess created: C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\user\AppData\Local\Temp\RES29AE.tmp" "c:\Users\user\AppData\Local\Temp\CSC299E.tmp"
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess created: C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe "C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\i6uwqyh0.cmdline"
            Source: C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exeProcess created: C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\user\AppData\Local\Temp\RES40C1.tmp" "c:\Users\user\AppData\Local\Temp\CSC40B0.tmp"
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess created: unknown unknown
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: uxtheme.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: userenv.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: apphelp.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: propsys.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: dwmapi.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: cryptbase.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: oleacc.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: ntmarta.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: version.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: shfolder.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: kernel.appcore.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: windows.storage.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: wldp.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: sspicli.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: secur32.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: riched20.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: usp10.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: msls31.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: textinputframework.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: coreuicomponents.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: coremessaging.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: wintypes.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: wintypes.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: wintypes.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: textshaping.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: wininet.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: iertutil.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: profapi.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: winhttp.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: mswsock.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: iphlpapi.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: winnsi.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: urlmon.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: srvcli.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: netutils.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: dnsapi.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: rasadhlp.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: fwpuclnt.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: schannel.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: mskeyprotect.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: ntasn1.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: msasn1.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: dpapi.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: cryptsp.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: rsaenh.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: gpapi.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: ncrypt.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: ncryptsslp.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: iconcodecservice.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: windowscodecs.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: edputil.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: windows.staterepositoryps.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: appresolver.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: bcp47langs.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: slc.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: sppc.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: onecorecommonproxystub.dllJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exeSection loaded: apphelp.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: wersvc.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: windowsperformancerecordercontrol.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: weretw.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: xmllite.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: wldp.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: wer.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: faultrep.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: dbghelp.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: dbgcore.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: wer.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: userenv.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: profapi.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: sspicli.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: mscoree.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: kernel.appcore.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: version.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: windows.storage.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: wldp.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: profapi.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: msasn1.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: riched20.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: usp10.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: msls31.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: cryptsp.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: rsaenh.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: cryptbase.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: gpapi.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: cryptnet.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: iphlpapi.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: winnsi.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: winhttp.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: mswsock.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: dhcpcsvc6.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: dhcpcsvc.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: webio.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: sspicli.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: dnsapi.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: rasadhlp.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: fwpuclnt.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: cabinet.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: uxtheme.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: httpapi.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: shfolder.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: ntmarta.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: wbemcomn.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: amsi.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: userenv.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: rasapi32.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: rasman.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: rtutils.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: security.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: secur32.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: schannel.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: mskeyprotect.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: ntasn1.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: ncrypt.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: ncryptsslp.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: propsys.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: edputil.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: urlmon.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: iertutil.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: srvcli.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: netutils.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: windows.staterepositoryps.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: wintypes.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: appresolver.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: bcp47langs.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: slc.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: sppc.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: onecorecommonproxystub.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeSection loaded: apphelp.dllJump to behavior
            Source: C:\Windows\System32\svchost.exeSection loaded: kernel.appcore.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: wlidsvc.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: ncrypt.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: cryptsp.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: profapi.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: clipc.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: dpapi.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: ntasn1.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: wldp.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: rsaenh.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: cryptbase.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: windows.storage.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: msxml6.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: msasn1.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: winhttp.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: netprofm.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: iphlpapi.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: wtsapi32.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: winsta.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: gamestreamingext.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: msauserext.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: tbs.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: npmproxy.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: ondemandconnroutehelper.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: dhcpcsvc6.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: dhcpcsvc.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: webio.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: mswsock.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: winnsi.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: sspicli.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: dnsapi.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: rasadhlp.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: fwpuclnt.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: schannel.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: mskeyprotect.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: gpapi.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: cryptnet.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: ncryptsslp.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: elscore.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: elstrans.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: cryptngc.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: devobj.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: kernel.appcore.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: licensemanagersvc.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: licensemanager.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: clipc.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: cryptsp.dll
            Source: C:\Windows\System32\svchost.exeSection loaded: wldp.dll
            Source: C:\Windows\System32\runonce.exeSection loaded: windows.storage.dll
            Source: C:\Windows\System32\runonce.exeSection loaded: wldp.dll
            Source: C:\Windows\System32\runonce.exeSection loaded: kernel.appcore.dll
            Source: C:\Windows\System32\runonce.exeSection loaded: uxtheme.dll
            Source: C:\Windows\System32\runonce.exeSection loaded: propsys.dll
            Source: C:\Windows\System32\runonce.exeSection loaded: profapi.dll
            Source: C:\Windows\System32\runonce.exeSection loaded: windows.staterepositoryps.dll
            Source: C:\Windows\System32\runonce.exeSection loaded: edputil.dll
            Source: C:\Windows\System32\runonce.exeSection loaded: urlmon.dll
            Source: C:\Windows\System32\runonce.exeSection loaded: iertutil.dll
            Source: C:\Windows\System32\runonce.exeSection loaded: srvcli.dll
            Source: C:\Windows\System32\runonce.exeSection loaded: netutils.dll
            Source: C:\Windows\System32\runonce.exeSection loaded: sspicli.dll
            Source: C:\Windows\System32\runonce.exeSection loaded: wintypes.dll
            Source: C:\Windows\System32\runonce.exeSection loaded: appresolver.dll
            Source: C:\Windows\System32\runonce.exeSection loaded: bcp47langs.dll
            Source: C:\Windows\System32\runonce.exeSection loaded: slc.dll
            Source: C:\Windows\System32\runonce.exeSection loaded: userenv.dll
            Source: C:\Windows\System32\runonce.exeSection loaded: sppc.dll
            Source: C:\Windows\System32\runonce.exeSection loaded: onecorecommonproxystub.dll
            Source: C:\Windows\System32\runonce.exeSection loaded: onecoreuapcommonproxystub.dll
            Source: C:\Windows\System32\grpconv.exeSection loaded: kernel.appcore.dll
            Source: C:\Windows\System32\grpconv.exeSection loaded: uxtheme.dll
            Source: C:\Windows\System32\net.exeSection loaded: mpr.dll
            Source: C:\Windows\System32\net.exeSection loaded: wkscli.dll
            Source: C:\Windows\System32\net.exeSection loaded: netutils.dll
            Source: C:\Windows\System32\net.exeSection loaded: samcli.dll
            Source: C:\Windows\System32\net.exeSection loaded: srvcli.dll
            Source: C:\Windows\System32\net.exeSection loaded: iphlpapi.dll
            Source: C:\Windows\System32\net1.exeSection loaded: samcli.dll
            Source: C:\Windows\System32\net1.exeSection loaded: netutils.dll
            Source: C:\Windows\System32\net1.exeSection loaded: dsrole.dll
            Source: C:\Windows\System32\net1.exeSection loaded: srvcli.dll
            Source: C:\Windows\System32\net1.exeSection loaded: wkscli.dll
            Source: C:\Windows\System32\net1.exeSection loaded: logoncli.dll
            Source: C:\Windows\System32\net1.exeSection loaded: cryptbase.dll
            Source: C:\Windows\SysWOW64\cmd.exeSection loaded: cmdext.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exeSection loaded: apphelp.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exeSection loaded: msvcp140.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exeSection loaded: vcruntime140.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exeSection loaded: vcruntime140_1.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exeSection loaded: vcruntime140.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exeSection loaded: vcruntime140_1.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exeSection loaded: kernel.appcore.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exeSection loaded: windows.storage.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exeSection loaded: wldp.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exeSection loaded: version.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exeSection loaded: ntmarta.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exeSection loaded: iphlpapi.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exeSection loaded: mswsock.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exeSection loaded: dhcpcsvc6.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exeSection loaded: dhcpcsvc.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exeSection loaded: dnsapi.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exeSection loaded: cryptbase.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: kernel.appcore.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: ifmon.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: iphlpapi.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: mprapi.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: rasmontr.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: rasapi32.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: fwpuclnt.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: rasman.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: mfc42u.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: rasman.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: authfwcfg.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: fwpolicyiomgr.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: firewallapi.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: dnsapi.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: fwbase.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: dhcpcmonitor.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: dot3cfg.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: dot3api.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: onex.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: eappcfg.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: ncrypt.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: eappprxy.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: ntasn1.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: fwcfg.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: hnetmon.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: netshell.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: nlaapi.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: netsetupapi.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: netiohlp.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: dhcpcsvc.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: winnsi.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: nshhttp.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: httpapi.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: nshipsec.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: userenv.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: activeds.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: polstore.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: winipsec.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: adsldpc.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: nshwfp.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: cabinet.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: p2pnetsh.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: p2p.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: profapi.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: cryptbase.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: rpcnsh.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: whhelper.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: winhttp.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: wlancfg.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: cryptsp.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: wlanapi.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: wshelper.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: wevtapi.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: mswsock.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: peerdistsh.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: uxtheme.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: wcmapi.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: rmclient.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: mobilenetworking.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: slc.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: sppc.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: gpapi.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: ktmw32.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: mprmsg.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: windows.storage.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: wldp.dll
            Source: C:\Windows\SysWOW64\netsh.exeSection loaded: msasn1.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: mscoree.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: kernel.appcore.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: version.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: windows.storage.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: wldp.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: profapi.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: msasn1.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: riched20.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: usp10.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: msls31.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: cryptsp.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: rsaenh.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: cryptbase.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: gpapi.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: uxtheme.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: shfolder.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: rasapi32.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: rasman.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: rtutils.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: mswsock.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: winhttp.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: ondemandconnroutehelper.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: iphlpapi.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: dhcpcsvc6.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: dhcpcsvc.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: dnsapi.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: winnsi.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: rasadhlp.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: fwpuclnt.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: ntmarta.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: mpr.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: scrrun.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: propsys.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: sxs.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: linkinfo.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: ntshrui.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: sspicli.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: srvcli.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: cscapi.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: wbemcomn.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: amsi.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: userenv.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: security.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: secur32.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: schannel.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: mskeyprotect.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: ntasn1.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: ncrypt.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: ncryptsslp.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: httpapi.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: vcruntime140d.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: ucrtbased.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: liblz4.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: ucrtbased.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: vcruntime140_clr0400.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: ucrtbase_clr0400.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: ucrtbase_clr0400.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeSection loaded: netutils.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: mscoree.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: apphelp.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: kernel.appcore.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: version.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: windows.storage.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: wldp.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: profapi.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: msasn1.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: riched20.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: usp10.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: msls31.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: cryptsp.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: rsaenh.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: cryptbase.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: gpapi.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: cryptnet.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: iphlpapi.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: winnsi.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: winhttp.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: ondemandconnroutehelper.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: mswsock.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: dhcpcsvc6.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: dhcpcsvc.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: webio.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: sspicli.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: dnsapi.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: rasadhlp.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: fwpuclnt.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: ondemandconnroutehelper.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: ondemandconnroutehelper.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: shfolder.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: netfxperf.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: napinsp.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: pnrpnsp.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: wshbth.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: nlaapi.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: winrnr.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: wbemcomn.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: amsi.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: userenv.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: propsys.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: edputil.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: urlmon.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: iertutil.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: srvcli.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: netutils.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: windows.staterepositoryps.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: wintypes.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: appresolver.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: bcp47langs.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: slc.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: sppc.dll
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeSection loaded: onecorecommonproxystub.dll
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f486a52-3cb1-48fd-8f50-b8dc300d9f9d}\InProcServer32Jump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile written: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bdnc.iniJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeAutomated click: I Agree
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeAutomated click: Next >
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeAutomated click: Accept
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeAutomated click: Next >
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeAutomated click: Accept
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeAutomated click: Next >
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeAutomated click: Accept
            Source: Window RecorderWindow detected: More than 3 window changes detected
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeWindow detected: I &AgreeCancelNullsoft Install System v3.09 Nullsoft Install System v3.09License AgreementPlease review the license terms before installing FileZilla Client 3.67.1.Press Page Down to see the rest of the agreement. GNU GENERAL PUBLIC LICENSE Version 2 June 1991 Copyright (C) 1989 1991 Free Software Foundation Inc. 59 Temple Place Suite 330 Boston MA 02111-1307 USA Everyone is permitted to copy and distribute verbatim copies of this license document but changing it is not allowed. Preamble The licenses for most software are designed to take away yourfreedom to share and change it. By contrast the GNU General PublicLicense is intended to guarantee your freedom to share and change freesoftware--to make sure the software is free for all its users. ThisGeneral Public License applies to most of the Free SoftwareFoundation's software and to any other program whose authors commit tousing it. (Some other Free Software Foundation software is covered bythe GNU Library General Public License instead.) You can apply it toyour programs too. When we speak of free software we are referring to freedom notprice. Our General Public Licenses are designed to make sure that youhave the freedom to distribute copies of free software (and charge forthis service if you wish) that you receive source code or can get itif you want it that you can change the software or use pieces of itin new free programs; and that you know you can do these things. To protect your rights we need to make restrictions that forbidanyone to deny you these rights or to ask you to surrender the rights.These restrictions translate to certain responsibilities for you if youdistribute copies of the software or if you modify it. For example if you distribute copies of such a program whethergratis or for a fee you must give the recipients all the rights thatyou have. You must make sure that they too receive or can get thesource code. And you must show them these terms so they know theirrights. We protect your rights with two steps: (1) copyright the software and(2) offer you this license which gives you legal permission to copydistribute and/or modify the software. Also for each author's protection and ours we want to make certainthat everyone understands that there is no warranty for this freesoftware. If the software is modified by someone else and passed on wewant its recipients to know that what they have is not the original sothat any problems introduced by others will not reflect on the originalauthors' reputations. Finally any free program is threatened constantly by softwarepatents. We wish to avoid the danger that redistributors of a freeprogram will individually obtain patent licenses in effect making theprogram proprietary. To prevent this we have made it clear that anypatent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying distribution andmodification follow. GNU GENERAL PUBLIC LICEN
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile opened: C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dllJump to behavior
            Source: FileZilla_3.67.1_win64_sponsored-setup.exeStatic PE information: certificate valid
            Source: FileZilla_3.67.1_win64_sponsored-setup.exeStatic file information: File size 12417936 > 1048576
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile opened: C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9672_none_d08f9da24428a513\MSVCR80.dllJump to behavior
            Source: FileZilla_3.67.1_win64_sponsored-setup.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
            Source: Binary string: d:\agent\_work\2\s\\binaries\amd64ret\bin\amd64\\msvcp140.amd64.pdb source: DCIService.exe, 00000025.00000002.3296074480.00007FFBC1B85000.00000002.00000001.01000000.00000016.sdmp
            Source: Binary string: c:\Projects\WebCompanion\Common\SearchProtect.Service.Logger\obj\Debug\Lavasoft.WCAssistant.Service.Logger.pdb source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3303358857.000000001AC02000.00000002.00000001.01000000.00000041.sdmp
            Source: Binary string: sav.pdba source: DCIService.exe, 00000025.00000002.3295595677.00007FFBC1AB2000.00000002.00000001.01000000.0000001B.sdmp, sav.dll0.8.dr
            Source: Binary string: C:\Windows\dll\System.ServiceProcess.pdbPro source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3288927631.00000000014C6000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: -Nk0/C:\Users\user\AppData\Local\Temp\vcbtw7fm.pdb source: WebCompanion.exe, 00000038.00000002.3292238601.0000000003770000.00000004.00000800.00020000.00000000.sdmp
            Source: Binary string: http.pdb source: DCIService.exe, 00000025.00000002.3294925946.00007FFBB4F9C000.00000002.00000001.01000000.0000001C.sdmp
            Source: Binary string: ucrtbase.pdb source: ucrtbase.dll0.8.dr
            Source: Binary string: api-ms-win-core-file-l1-2-0.pdb source: api-ms-win-core-file-l1-2-0.dll.8.dr
            Source: Binary string: ftp.pdb source: DCIService.exe, 00000025.00000002.3295132465.00007FFBB5C1E000.00000002.00000001.01000000.00000021.sdmp
            Source: Binary string: d:\agent\_work\9\s\\binaries\x86ret\bin\i386\vccorlib140.i386.pdbGCTL source: vccorlib140.dll.8.dr
            Source: Binary string: D:\Bamboo\home\xml-data\build-dir\OEMSDK-OHDS-SOURCES\bin\Win32\Release\bddcihttp.pdbx source: bddcihttp.dll0.8.dr
            Source: Binary string: c:\dev\sqlite\dotnet\obj\2008\Release\System.Data.SQLite.pdb source: WebCompanion.exe, 00000033.00000002.3361794418.0000000008BD2000.00000002.00000001.01000000.00000039.sdmp, System.Data.SQLite.dll.8.dr
            Source: Binary string: api-ms-win-core-sysinfo-l1-1-0.pdb source: api-ms-win-core-sysinfo-l1-1-0.dll0.8.dr
            Source: Binary string: E:\builds\DCI-BDDCI345-ISV_new\bin\x64\Release\bddci.pdb source: rundll32.exe, 00000015.00000003.2051248912.000001BAE0484000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: C:\Windows\symbols\dll\System.ServiceProcess.pdb8f0 source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3288927631.00000000014C6000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: C:\Projects\WebCompanion\Common\SearchProtect.WcfService\obj\Debug\Lavasoft.WCAssistant.WcfService.pdbT source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3304199031.000000001AC22000.00000002.00000001.01000000.00000042.sdmp
            Source: Binary string: D:\Projects\Adaware\webcompanion\Common\Lavasoft.Utils\obj\x86\Debug\Lavasoft.Utils.pdb source: WebCompanion.exe, 00000038.00000002.3321152714.0000000006092000.00000002.00000001.01000000.00000028.sdmp
            Source: Binary string: -Nk0/C:\Users\user\AppData\Local\Temp\vcbtw7fm.pdb\ source: WebCompanion.exe, 00000038.00000002.3292238601.0000000003649000.00000004.00000800.00020000.00000000.sdmp
            Source: Binary string: C:\Windows\TEMP\drone-kwRqivJrrmmjgcRp\drone\src\DCIService\Release\DCIService.pdb source: DCIService.exe0.8.dr
            Source: Binary string: D:\Projects\Adaware\webcompanion\Common\Lavasoft.Events\obj\x86\Debug\Lavasoft.Events.pdb source: WebCompanion.exe, 00000038.00000002.3322211980.00000000060E2000.00000002.00000001.01000000.00000029.sdmp
            Source: Binary string: api-ms-win-core-heap-l1-1-0.pdb source: api-ms-win-core-heap-l1-1-0.dll.8.dr
            Source: Binary string: smb.pdb source: DCIService.exe, 00000025.00000002.3293877845.00007FFBAB969000.00000002.00000001.01000000.0000001E.sdmp
            Source: Binary string: api-ms-win-core-synch-l1-1-0.pdb source: api-ms-win-core-synch-l1-1-0.dll.8.dr
            Source: Binary string: c:\Projects\WebCompanion\Common\Lavasoft.Utils.SqlLite\obj\x86\Debug\Lavasoft.Utils.SqlLite.pdb source: WebCompanion.exe, 00000033.00000002.3361690161.0000000008BB2000.00000002.00000001.01000000.00000038.sdmp
            Source: Binary string: c:\dev\sqlite\dotnet\obj\2008\Release\System.Data.SQLite.pdbX. source: WebCompanion.exe, 00000033.00000002.3361794418.0000000008BD2000.00000002.00000001.01000000.00000039.sdmp, System.Data.SQLite.dll.8.dr
            Source: Binary string: c:\Windows\Temp\drone-ITnqm7dmUCKa46Dt\drone\src\WebCompanion\Companion.UI\obj\x86\Debug\WebCompanion.pdb source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp
            Source: Binary string: d:\agent\_work\2\s\\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb source: DCIService.exe, 00000025.00000002.3295923966.00007FFBC1B20000.00000002.00000001.01000000.00000017.sdmp
            Source: Binary string: api-ms-win-core-processthreads-l1-1-0.pdb source: api-ms-win-core-processthreads-l1-1-0.dll0.8.dr
            Source: Binary string: ws\System.ServiceProcess.pdbpdbess.pdb source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3288927631.00000000014C6000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: D:\Bamboo\home\xml-data\build-dir\OEMSDK-OHDS-SOURCES\bin\x64\Release\bddcihttp.pdbu source: DCIService.exe, 00000025.00000002.3292995652.00007FFBAAE5D000.00000002.00000001.01000000.00000019.sdmp
            Source: Binary string: api-ms-win-crt-private-l1-1-0.pdb source: api-ms-win-crt-private-l1-1-0.dll0.8.dr
            Source: Binary string: api-ms-win-core-file-l1-1-0.pdb source: api-ms-win-core-file-l1-1-0.dll.8.dr
            Source: Binary string: E:\builds\DCI-BDDCI345-ISV_new\bin\x64\Release\bddci_core.pdb source: DCIService.exe, 00000025.00000002.3292399816.00007FFBAAC40000.00000002.00000001.01000000.0000001A.sdmp
            Source: Binary string: C:\SourceCode\TFS\MozCompressor\Debug\MozCompressor.pdb source: WebCompanion.exe, 00000033.00000002.3371693950.000000000B635000.00000002.00000001.01000000.00000031.sdmp
            Source: Binary string: C:\Windows\System.ServiceProcess.pdbiles (x22 source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3288927631.00000000014C6000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: smtp.pdb source: DCIService.exe, 00000025.00000002.3295439090.00007FFBC1A1E000.00000002.00000001.01000000.0000001F.sdmp
            Source: Binary string: c:\Windows\Temp\drone-ITnqm7dmUCKa46Dt\drone\src\WebCompanion\Companion.UI\obj\x86\Debug\WebCompanion.pdb` source: WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp
            Source: Binary string: c:\Windows\Temp\drone-ITnqm7dmUCKa46Dt\drone\src\WebCompanion\Lavasoft.matcher\obj\Debug\Lavasoft.adblocker.pdb source: WebCompanion.exe, 00000033.00000002.3360658612.0000000008802000.00000002.00000001.01000000.0000003C.sdmp
            Source: Binary string: vcruntime140d.i386.pdb source: WebCompanion.exe, 00000033.00000002.3402091526.000000006E6C1000.00000020.00000001.01000000.00000032.sdmp
            Source: Binary string: ucrtbase.pdbUGP source: ucrtbase.dll0.8.dr
            Source: Binary string: compiler: cl /Zi /Fdossl_static.pdb /MT /Zl /Gs0 /GF /Gy /W3 /wd4090 /nologo /O2 -DL_ENDIAN -DOPENSSL_PIC source: DCIService.exe, 00000025.00000002.3291601212.00007FF66326A000.00000002.00000001.01000000.00000015.sdmp, DCIService.exe, 00000025.00000000.2258404445.00007FF66326A000.00000002.00000001.01000000.00000015.sdmp, DCIService.exe0.8.dr
            Source: Binary string: bittorrent.pdb source: DCIService.exe, 00000025.00000002.3294656207.00007FFBB4C4B000.00000002.00000001.01000000.00000022.sdmp
            Source: Binary string: ssl.pdb source: DCIService.exe, 00000025.00000002.3294176146.00007FFBAB9A8000.00000002.00000001.01000000.0000001D.sdmp
            Source: Binary string: C:\Projects\WebCompanion\Common\SearchProtect.WcfService\obj\Debug\Lavasoft.WCAssistant.WcfService.pdb source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3304199031.000000001AC22000.00000002.00000001.01000000.00000042.sdmp
            Source: Binary string: rpc.pdb source: DCIService.exe, 00000025.00000002.3294409297.00007FFBB189B000.00000002.00000001.01000000.00000023.sdmp, rpc.dll0.8.dr
            Source: Binary string: C:\Windows\TEMP\drone-kwRqivJrrmmjgcRp\drone\src\DCIService\x64\Release\DCIService.pdb source: DCIService.exe, 00000025.00000002.3291601212.00007FF66326A000.00000002.00000001.01000000.00000015.sdmp, DCIService.exe, 00000025.00000000.2258404445.00007FF66326A000.00000002.00000001.01000000.00000015.sdmp
            Source: Binary string: erviceProcess.pdb source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3288927631.00000000014C6000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: d:\agent\_work\2\s\\binaries\amd64ret\bin\amd64\\msvcp140_1.amd64.pdb source: msvcp140_1.dll0.8.dr
            Source: Binary string: c:\Windows\Temp\drone-ITnqm7dmUCKa46Dt\drone\src\WebCompanion\Lavasoft.matcher\obj\Debug\Lavasoft.adblocker.pdbp source: WebCompanion.exe, 00000033.00000002.3360658612.0000000008802000.00000002.00000001.01000000.0000003C.sdmp
            Source: Binary string: api-ms-win-core-processenvironment-l1-1-0.pdb source: api-ms-win-core-processenvironment-l1-1-0.dll0.8.dr
            Source: Binary string: c:\Windows\Temp\drone-ITnqm7dmUCKa46Dt\drone\src\WebCompanion\Installer\WebCompanionInstaller\obj\Release\WebCompanionInstaller.pdb source: WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmp
            Source: Binary string: ?crypto\stack\stack.ccompiler: cl /Zi /Fdossl_static.pdb /MT /Zl /Gs0 /GF /Gy /W3 /wd4090 /nologo /O2 -DL_ENDIAN -DOPENSSL_PICcrypto\ex_data.c source: DCIService.exe0.8.dr
            Source: Binary string: C:\Projects\WebCompanion\Common\SearchProtect.WinService\obj\Debug\Lavasoft.WCAssistant.WinService.pdb source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000000.2382563063.0000000000F42000.00000002.00000001.01000000.00000036.sdmp
            Source: Binary string: D:\Projects\Adaware\webcompanion\Common\SearchProtect.Business\obj\x86\Debug\Lavasoft.SearchProtect.Business.pdb source: WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmp
            Source: Binary string: c:\Projects\WebCompanion\Common\Lavasoft.Compression\obj\x86\Debug\Lavasoft.Compression.pdb source: WebCompanion.exe, 00000033.00000002.3368956526.000000000B302000.00000002.00000001.01000000.00000030.sdmp
            Source: Binary string: api-ms-win-core-localization-l1-2-0.pdb source: api-ms-win-core-localization-l1-2-0.dll0.8.dr
            Source: Binary string: pop3.pdb source: DCIService.exe, 00000025.00000002.3295280426.00007FFBBC28C000.00000002.00000001.01000000.00000020.sdmp
            Source: Binary string: C:\BuildDependencies\WebCompanion993\WebCompanionExtensionIE\Debug\WebCompanionExtensionIE.pdbG source: WebCompanionExtensionIE.dll.8.dr
            Source: Binary string: D:\Bamboo\home\xml-data\build-dir\OEMSDK-OHDS-SOURCES\bin\Win32\Release\bddcihttp.pdb source: bddcihttp.dll0.8.dr
            Source: Binary string: sav.pdb source: DCIService.exe, 00000025.00000002.3295595677.00007FFBC1AB2000.00000002.00000001.01000000.0000001B.sdmp, sav.dll0.8.dr
            Source: Binary string: c:\Projects\WebCompanion\Common\Lavasoft.Utils.SqlLite\obj\x86\Debug\Lavasoft.Utils.SqlLite.pdb <>< 0<_CorDllMainmscoree.dll source: WebCompanion.exe, 00000033.00000002.3361690161.0000000008BB2000.00000002.00000001.01000000.00000038.sdmp
            Source: Binary string: api-ms-win-crt-multibyte-l1-1-0.pdb source: api-ms-win-crt-multibyte-l1-1-0.dll.8.dr
            Source: Binary string: crypto\stack\stack.ccompiler: cl /Zi /Fdossl_static.pdb /MT /Zl /Gs0 /GF /Gy /W3 /wd4090 /nologo /O2 -DL_ENDIAN -DOPENSSL_PICcrypto\ex_data.c source: DCIService.exe, 00000025.00000002.3291601212.00007FF66326A000.00000002.00000001.01000000.00000015.sdmp, DCIService.exe, 00000025.00000000.2258404445.00007FF66326A000.00000002.00000001.01000000.00000015.sdmp
            Source: Binary string: E:\builds\DCI-BDDCI345-ISV_new\bin\x64\Release\bddci_core.pdbJ source: DCIService.exe, 00000025.00000002.3292399816.00007FFBAAC40000.00000002.00000001.01000000.0000001A.sdmp
            Source: Binary string: api-ms-win-core-rtlsupport-l1-1-0.pdb source: api-ms-win-core-rtlsupport-l1-1-0.dll.8.dr, api-ms-win-core-rtlsupport-l1-1-0.dll0.8.dr
            Source: Binary string: api-ms-win-core-timezone-l1-1-0.pdb source: api-ms-win-core-timezone-l1-1-0.dll0.8.dr
            Source: Binary string: d:\agent\_work\2\s\\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdb source: DCIService.exe, 00000025.00000002.3295822591.00007FFBC1B05000.00000002.00000001.01000000.00000018.sdmp
            Source: Binary string: c:\dev\sqlite\dotnet\bin\2008\Win32\ReleaseNativeOnlyStatic\SQLite.Interop.pdb`: source: WebCompanion.exe, 00000033.00000002.3397980922.0000000065B48000.00000002.00000001.01000000.0000003A.sdmp
            Source: Binary string: lsa.pdb source: DCIService.exe, 00000025.00000002.3293537075.00007FFBAB93B000.00000002.00000001.01000000.00000024.sdmp
            Source: Binary string: c:\Temp\Release\Working\Newtonsoft.Json\Src\Newtonsoft.Json\obj\Release\Newtonsoft.Json.pdb source: WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3325261328.0000000007C42000.00000002.00000001.01000000.00000012.sdmp, Newtonsoft.Json.dll.8.dr
            Source: Binary string: vcruntime140d.i386.pdb+++ source: WebCompanion.exe, 00000033.00000002.3402091526.000000006E6C1000.00000020.00000001.01000000.00000032.sdmp
            Source: Binary string: C:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.pdbping source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3288927631.00000000014C6000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: C:\BuildDependencies\WebCompanion993\WebCompanionExtensionIE\Debug\WebCompanionExtensionIE.pdb source: WebCompanionExtensionIE.dll.8.dr
            Source: Binary string: D:\Bamboo\home\xml-data\build-dir\OEMSDK-OHDS-SOURCES\bin\x64\Release\bddcihttp.pdb source: DCIService.exe, 00000025.00000002.3292995652.00007FFBAAE5D000.00000002.00000001.01000000.00000019.sdmp
            Source: Binary string: ucrtbased.pdb source: WebCompanion.exe, 00000033.00000002.3398528396.000000006D411000.00000020.00000001.01000000.00000034.sdmp
            Source: Binary string: ressor.pdb source: WebCompanion.exe, 00000033.00000002.3339218992.0000000005AE0000.00000004.00000020.00020000.00000000.sdmp
            Source: Binary string: d:\agent\_work\9\s\\binaries\x86ret\bin\i386\vccorlib140.i386.pdb source: vccorlib140.dll.8.dr
            Source: Binary string: c:\dev\sqlite\dotnet\bin\2008\Win32\ReleaseNativeOnlyStatic\SQLite.Interop.pdb source: WebCompanion.exe, 00000033.00000002.3397980922.0000000065B48000.00000002.00000001.01000000.0000003A.sdmp
            Source: Binary string: c:\Windows\Temp\drone-ITnqm7dmUCKa46Dt\drone\src\WebCompanion\Lavasoft.AppCore\obj\Debug\Lavasoft.AppCore.pdb source: WebCompanion.exe, 00000038.00000002.3318646981.0000000005BF2000.00000002.00000001.01000000.00000027.sdmp
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess created: C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe "C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\rrd1gvmr.cmdline"
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess created: C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe "C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\i6uwqyh0.cmdline"
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess created: C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe "C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\rrd1gvmr.cmdline"
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess created: C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe "C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\i6uwqyh0.cmdline"
            Source: WebCompanionInstaller.resources.dll1.4.drStatic PE information: real checksum: 0x0 should be: 0xa303
            Source: System.dll.0.drStatic PE information: real checksum: 0x0 should be: 0x67cd
            Source: nseDA4F.tmp.0.drStatic PE information: real checksum: 0x9007d should be: 0x8775b
            Source: WebCompanionInstaller.resources.dll6.4.drStatic PE information: real checksum: 0x0 should be: 0x4ad5
            Source: INetC.dll.0.drStatic PE information: real checksum: 0x0 should be: 0x8b4c
            Source: WcInstaller[1].exe.0.drStatic PE information: real checksum: 0x9007d should be: 0x95408
            Source: UserInfo.dll.0.drStatic PE information: real checksum: 0x0 should be: 0xba48
            Source: WebCompanionInstaller.resources.dll5.4.drStatic PE information: real checksum: 0x0 should be: 0xf12e
            Source: WebCompanionInstaller.resources.dll.4.drStatic PE information: real checksum: 0x0 should be: 0x6035
            Source: WebCompanionInstaller.resources.dll2.4.drStatic PE information: real checksum: 0x0 should be: 0x10e13
            Source: WebCompanionInstaller.resources.dll8.4.drStatic PE information: real checksum: 0x0 should be: 0x454c
            Source: WebCompanionInstaller.resources.dll7.4.drStatic PE information: real checksum: 0x0 should be: 0xaf4e
            Source: WebCompanionInstaller.resources.dll0.4.drStatic PE information: real checksum: 0x0 should be: 0xb694
            Source: WebCompanionInstaller.resources.dll3.4.drStatic PE information: real checksum: 0x0 should be: 0x47cd
            Source: WebCompanionInstaller.resources.dll4.4.drStatic PE information: real checksum: 0x0 should be: 0x66d4
            Source: nsdF22D.tmp.0.drStatic PE information: real checksum: 0x9007d should be: 0x95408
            Source: nsDialogs.dll.0.drStatic PE information: real checksum: 0x0 should be: 0x3e52
            Source: UAC.dll.0.drStatic PE information: real checksum: 0x0 should be: 0xde12
            Source: WcInstaller[1].exe.0.drStatic PE information: section name: .sxdata
            Source: nseDA4F.tmp.0.drStatic PE information: section name: .sxdata
            Source: nsdF22D.tmp.0.drStatic PE information: section name: .sxdata
            Source: scan.dll.8.drStatic PE information: section name: .orpc

            Persistence and Installation Behavior

            barindex
            Creates files in the system32 config directory
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeFile created: C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A37B8BA80004D3266CB4D93B2052DC10_EBDB5A7037F08CDFB408DBFC0D44B43D
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeFile created: C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A37B8BA80004D3266CB4D93B2052DC10_EBDB5A7037F08CDFB408DBFC0D44B43D
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeFile created: C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\026A86A161D256DBB33076EDF20C0E5E_86AB612B21DEDF3B8CD155ED2E4114FF
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeFile created: C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\026A86A161D256DBB33076EDF20C0E5E_86AB612B21DEDF3B8CD155ED2E4114FF
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeFile created: C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\AF360AACB1570042DEFBC833317997D0_684EE07DA693FF51901FCCD35B88A7C0
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeFile created: C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\AF360AACB1570042DEFBC833317997D0_684EE07DA693FF51901FCCD35B88A7C0
            Source: C:\Windows\System32\netsh.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\PeerDistRepub
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-processthreads-l1-1-1.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\sav.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\smb.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Automation.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bddci_core.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\tr-TR\WebCompanion.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\ucrtbased.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\ssl.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exeFile created: C:\Users\user\AppData\Local\Temp\7zS46E8489B\pt-BR\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-namedpipe-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-process-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\ru-RU\WebCompanion.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-rtlsupport-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-time-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\liblz4.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Microsoft.mshtml.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-datetime-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-conio-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exeFile created: C:\Users\user\AppData\Local\Temp\7zS46E8489B\en-US\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-filesystem-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-sysinfo-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-conio-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\es-ES\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-string-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Interop.SHDocVw.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\ftp.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\it-IT\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-processthreads-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\vcruntime140d.dllJump to dropped file
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\WcInstaller[1].exeJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\pt-BR\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-file-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\log4net.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Ionic.Zip.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bddci_core.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\ucrtbase.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Extension.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exeFile created: C:\Users\user\AppData\Local\Temp\7zS46E8489B\de-DE\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-convert-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-multibyte-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\de-DE\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\x86\SQLite.Interop.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\http.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.Service.Logger.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\msvcp140_1.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exeFile created: C:\Users\user\AppData\Local\Temp\7zS46E8489B\it-IT\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-handle-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Interop.LavasoftTcpServiceLib.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-profile-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Newtonsoft.Json.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\DotNetZip.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-sysinfo-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bddci.sysJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\rpc.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-handle-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\System.Data.SQLite.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\lsa.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\LZ4.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Interop.WUApiLib.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-profile-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-debug-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\en-US\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.CSharp.Utilities.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-localization-l1-2-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-multibyte-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Events.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-heap-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-file-l1-2-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exeFile created: C:\Users\user\AppData\Local\Temp\7zS46E8489B\tr-TR\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-time-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-synch-l1-2-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-string-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\vccorlib140.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SysInfo.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-string-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\pop3.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bddcihttp.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-errorhandling-l1-1-0.dllJump to dropped file
            Source: C:\Windows\System32\rundll32.exeFile created: C:\Windows\System32\drivers\SET9770.tmpJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-convert-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-synch-l1-2-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\de-DE\WebCompanion.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\tr-TR\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\fr-CA\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeFile created: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\INetC.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\ICSharpCode.SharpZipLib.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-processenvironment-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-synch-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-filesystem-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bdnc.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exeFile created: C:\Users\user\AppData\Local\Temp\7zS46E8489B\Newtonsoft.Json.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-heap-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\it-IT\WebCompanion.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\ucrtbase.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\msvcp140.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Omni.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-libraryloader-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\msvcp140_2.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exeFile created: C:\Users\user\AppData\Local\Temp\7zS46E8489B\es-ES\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\ru-RU\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\BCUEngineS.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\ja-JP\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-file-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionInstaller.exeJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-math-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Search.exeJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\sav.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\smb.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WcfService.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\zh-Hans\WebCompanion.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Esent.Interop.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-file-l2-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\ssl.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\OnlineThreatsSimple.dllJump to dropped file
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeFile created: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\System.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-console-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\pop3.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\vcruntime140.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-synch-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\concrt140.dllJump to dropped file
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeFile created: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\nsDialogs.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-timezone-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-namedpipe-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\msvcp140_codecvt_ids.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-runtime-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-environment-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-localization-l1-2-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Compression.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exeFile created: C:\Users\user\AppData\Local\Temp\7zS46E8489B\ru-RU\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-rtlsupport-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\http.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\msvcp140_2.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-file-l2-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-private-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-utility-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\vccorlib140.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\WebFilteringSimple.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\en-US\WebCompanion.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\rpc.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\OnlineThreatsSimple.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-locale-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\zh-CHS\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.AppCore.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-errorhandling-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-timezone-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-private-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\WebFilteringSimple.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Interop.IWshRuntimeLibrary.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\NCalc.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\smtp.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-heap-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeFile created: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\UAC.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-stdio-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\scan.dllJump to dropped file
            Source: C:\Windows\System32\rundll32.exeFile created: C:\Windows\system32\DRIVERS\bddci.sys (copy)Jump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Interop.Shell32.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exeFile created: C:\Users\user\AppData\Local\Temp\7zS46E8489B\ja-JP\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\DCIService.exeJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-interlocked-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-interlocked-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\acs17.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-locale-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-runtime-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Repositories.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-util-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\MozCompressor.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-math-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-console-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\msvcp140_codecvt_ids.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\smtp.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\ftp.dllJump to dropped file
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeFile created: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exe (copy)Jump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bddcihttp.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-heap-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exeFile created: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\scan.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.IEController.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-string-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Ad-Aware Web Companion.exeJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-processthreads-l1-1-1.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\pt-BR\WebCompanion.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-process-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-processthreads-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-processenvironment-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-libraryloader-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\BDUpdateServiceCom.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\x64\SQLite.Interop.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\msvcp140_1.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.Loader.exeJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bddci.sysJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\msvcp140.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exeFile created: C:\Users\user\AppData\Local\Temp\7zS46E8489B\zh-CHS\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exeJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bittorrent.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\lsa.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-datetime-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-debug-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\es-ES\WebCompanion.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\fr-CA\WebCompanion.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\ja-JP\WebCompanion.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-utility-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-memory-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-util-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeFile created: C:\Users\user\AppData\Local\Temp\nseDA4F.tmpJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exeFile created: C:\Users\user\AppData\Local\Temp\7zS46E8489B\ICSharpCode.SharpZipLib.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\BDUpdateServiceCom.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exeFile created: C:\Users\user\AppData\Local\Temp\7zS46E8489B\fr-CA\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\7za.exeJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionExtensionIE.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-stdio-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeFile created: C:\Users\user\AppData\Local\Temp\nsdF22D.tmpJump to dropped file
            Source: C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exeFile created: C:\Users\user\AppData\Local\Temp\rrd1gvmr.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WcCommunication.exeJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-memory-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\BCUSDK.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-file-l1-2-0.dllJump to dropped file
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeFile created: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\UserInfo.dllJump to dropped file
            Source: C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exeFile created: C:\Users\user\AppData\Local\Temp\i6uwqyh0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-environment-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bdnc.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\vcruntime140_1.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Settings.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\vcruntime140.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\concrt140.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bittorrent.dllJump to dropped file
            Source: C:\Windows\System32\rundll32.exeFile created: C:\Windows\system32\DRIVERS\bddci.sys (copy)Jump to dropped file
            Source: C:\Windows\System32\rundll32.exeFile created: C:\Windows\System32\drivers\SET9770.tmpJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\Users\user\AppData\Local\Temp\WcInstaller.logJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeFile created: C:\ProgramData\Lavasoft\Web Companion\Options\install.txtJump to behavior

            Boot Survival

            barindex
            Creates an autostart registry key pointing to binary in C:\Windows
            Source: C:\Windows\System32\rundll32.exeRegistry value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce GrpConv
            Creates multiple autostart registry keys
            Source: C:\Windows\System32\rundll32.exeRegistry value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce GrpConv
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Web Companion
            Source: C:\Windows\System32\rundll32.exeRegistry key created: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BdDci
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeFile created: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeFile created: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeFile created: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion\Frequently Asked Questions.url
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeFile created: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion\Web Companion.lnk
            Source: C:\Windows\System32\rundll32.exeRegistry value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce GrpConv
            Source: C:\Windows\System32\rundll32.exeRegistry value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce GrpConv
            Source: C:\Windows\System32\rundll32.exeRegistry value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce GrpConv
            Source: C:\Windows\System32\rundll32.exeRegistry value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce GrpConv
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Web Companion
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Web Companion
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Windows\SysWOW64\sc.exe "sc.exe" Create "WCAssistantService" binPath= "C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe" DisplayName= "WC Assistant" start= auto
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\AutoUpdateJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRootJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRootJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\rundll32.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\rundll32.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\rundll32.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\rundll32.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\rundll32.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\rundll32.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\rundll32.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\rundll32.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\rundll32.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\rundll32.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\rundll32.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\rundll32.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\runonce.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\runonce.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\runonce.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\runonce.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\runonce.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\runonce.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\runonce.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\runonce.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\runonce.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\runonce.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\runonce.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\grpconv.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\grpconv.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\grpconv.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\System32\grpconv.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\netsh.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Windows\SysWOW64\netsh.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeProcess information set: NOOPENFILEERRORBOX
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeMemory allocated: 17D0000 memory reserve | memory write watch
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeMemory allocated: 3470000 memory reserve | memory write watch
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeMemory allocated: 17D0000 memory commit | memory reserve | memory write watch
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeMemory allocated: 15E0000 memory reserve | memory write watch
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeMemory allocated: 3260000 memory reserve | memory write watch
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeMemory allocated: 5260000 memory commit | memory reserve | memory write watch
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeMemory allocated: 1490000 memory reserve | memory write watch
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeMemory allocated: 21B0000 memory reserve | memory write watch
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeMemory allocated: 1A1B0000 memory commit | memory reserve | memory write watch
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeMemory allocated: 1590000 memory reserve | memory write watch
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeMemory allocated: 3240000 memory reserve | memory write watch
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeMemory allocated: 1590000 memory commit | memory reserve | memory write watch
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeMemory allocated: 11D0000 memory reserve | memory write watch
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeMemory allocated: 31D0000 memory reserve | memory write watch
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeMemory allocated: 51D0000 memory commit | memory reserve | memory write watch
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeThread delayed: delay time: 922337203685477
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeThread delayed: delay time: 300000
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeThread delayed: delay time: 922337203685477
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeThread delayed: delay time: 922337203685477
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeThread delayed: delay time: 922337203685477
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeThread delayed: delay time: 300000
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeThread delayed: delay time: 922337203685477
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeThread delayed: delay time: 300000
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeThread delayed: delay time: 300000
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeThread delayed: delay time: 922337203685477
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeThread delayed: delay time: 300000
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeThread delayed: delay time: 922337203685477
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeThread delayed: delay time: 922337203685477
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeThread delayed: delay time: 922337203685477
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeThread delayed: delay time: 300000
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeWindow / User API: threadDelayed 1612
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeWindow / User API: threadDelayed 8375
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeWindow / User API: threadDelayed 5538
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeWindow / User API: threadDelayed 4355
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-processthreads-l1-1-1.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\smb.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\sav.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Automation.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bddci_core.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\tr-TR\WebCompanion.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\ssl.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\7zS46E8489B\pt-BR\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-namedpipe-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-process-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\ru-RU\WebCompanion.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-rtlsupport-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-time-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Microsoft.mshtml.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-conio-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-datetime-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\7zS46E8489B\en-US\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-filesystem-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-sysinfo-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-conio-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-string-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\es-ES\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Interop.SHDocVw.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\ftp.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\it-IT\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-processthreads-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\pt-BR\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-file-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\log4net.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bddci_core.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Ionic.Zip.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Extension.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\7zS46E8489B\de-DE\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-convert-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-multibyte-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\de-DE\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\x86\SQLite.Interop.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\http.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.Service.Logger.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\msvcp140_1.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\7zS46E8489B\it-IT\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-handle-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Interop.LavasoftTcpServiceLib.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-profile-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Newtonsoft.Json.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\DotNetZip.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-sysinfo-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bddci.sysJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\rpc.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-handle-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\System.Data.SQLite.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\lsa.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\LZ4.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Interop.WUApiLib.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-profile-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\en-US\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-debug-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.CSharp.Utilities.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-localization-l1-2-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-multibyte-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Events.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-heap-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-file-l1-2-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\7zS46E8489B\tr-TR\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-synch-l1-2-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-time-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-string-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\vccorlib140.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SysInfo.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-string-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\pop3.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bddcihttp.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-errorhandling-l1-1-0.dllJump to dropped file
            Source: C:\Windows\System32\rundll32.exeDropped PE file which has not been started: C:\Windows\System32\drivers\SET9770.tmpJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-convert-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-synch-l1-2-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\de-DE\WebCompanion.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\tr-TR\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\fr-CA\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\INetC.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\ICSharpCode.SharpZipLib.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-processenvironment-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-synch-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-filesystem-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bdnc.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\7zS46E8489B\Newtonsoft.Json.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-heap-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\it-IT\WebCompanion.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Omni.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\msvcp140_2.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-libraryloader-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\7zS46E8489B\es-ES\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\ru-RU\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\BCUEngineS.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\ja-JP\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-file-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionInstaller.exeJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-math-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Search.exeJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WcfService.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\sav.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\smb.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\zh-Hans\WebCompanion.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Esent.Interop.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-file-l2-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\ssl.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\OnlineThreatsSimple.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-console-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\System.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\pop3.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-synch-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\concrt140.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-namedpipe-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-timezone-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\nsDialogs.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-runtime-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\msvcp140_codecvt_ids.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-environment-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-localization-l1-2-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Compression.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\7zS46E8489B\ru-RU\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\http.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-rtlsupport-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\msvcp140_2.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-file-l2-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-private-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-utility-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\vccorlib140.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\WebFilteringSimple.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\en-US\WebCompanion.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\rpc.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\zh-CHS\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\OnlineThreatsSimple.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-locale-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.AppCore.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-errorhandling-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-timezone-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-private-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\WebFilteringSimple.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Interop.IWshRuntimeLibrary.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\NCalc.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\smtp.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-heap-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\UAC.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-stdio-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\scan.dllJump to dropped file
            Source: C:\Windows\System32\rundll32.exeDropped PE file which has not been started: C:\Windows\system32\DRIVERS\bddci.sys (copy)Jump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\7zS46E8489B\ja-JP\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\DCIService.exeJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-interlocked-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-interlocked-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\acs17.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-locale-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-runtime-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Repositories.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-util-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\MozCompressor.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-math-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-console-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\msvcp140_codecvt_ids.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\ftp.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\smtp.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bddcihttp.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-heap-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.IEController.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\scan.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-string-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Ad-Aware Web Companion.exeJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-processthreads-l1-1-1.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\pt-BR\WebCompanion.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-processthreads-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-process-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-processenvironment-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\BDUpdateServiceCom.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-libraryloader-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\x64\SQLite.Interop.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\msvcp140_1.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.Loader.exeJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bddci.sysJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\7zS46E8489B\zh-CHS\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bittorrent.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\lsa.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-datetime-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-debug-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\es-ES\WebCompanion.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\ja-JP\WebCompanion.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\fr-CA\WebCompanion.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-utility-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-memory-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-util-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nseDA4F.tmpJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\7zS46E8489B\ICSharpCode.SharpZipLib.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\BDUpdateServiceCom.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\7zS46E8489B\fr-CA\WebCompanionInstaller.resources.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\7za.exeJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionExtensionIE.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-stdio-l1-1-0.dllJump to dropped file
            Source: C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\rrd1gvmr.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WcCommunication.exeJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-memory-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\BCUSDK.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-file-l1-2-0.dllJump to dropped file
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\UserInfo.dllJump to dropped file
            Source: C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\i6uwqyh0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-environment-l1-1-0.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bdnc.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Settings.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\concrt140.dllJump to dropped file
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeDropped PE file which has not been started: C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bittorrent.dllJump to dropped file
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeRegistry key enumerated: More than 441 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe TID: 4920Thread sleep time: -30000s >= -30000s
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe TID: 3116Thread sleep count: 128 > 30
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe TID: 3116Thread sleep time: -64000s >= -30000s
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe TID: 3436Thread sleep time: -1844674407370954s >= -30000s
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe TID: 3436Thread sleep time: -300000s >= -30000s
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe TID: 1060Thread sleep time: -30000s >= -30000s
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe TID: 5952Thread sleep time: -922337203685477s >= -30000s
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe TID: 7096Thread sleep time: -922337203685477s >= -30000s
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe TID: 6872Thread sleep time: -922337203685477s >= -30000s
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe TID: 3436Thread sleep time: -300000s >= -30000s
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe TID: 6964Thread sleep time: -30000s >= -30000s
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe TID: 2132Thread sleep count: 1612 > 30
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe TID: 2132Thread sleep time: -806000s >= -30000s
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe TID: 2132Thread sleep count: 8375 > 30
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe TID: 2132Thread sleep time: -4187500s >= -30000s
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe TID: 5500Thread sleep time: -1844674407370954s >= -30000s
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe TID: 3456Thread sleep time: -2769000s >= -30000s
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe TID: 5500Thread sleep time: -300000s >= -30000s
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe TID: 3456Thread sleep time: -2177500s >= -30000s
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe TID: 5500Thread sleep time: -300000s >= -30000s
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe TID: 7048Thread sleep time: -1844674407370954s >= -30000s
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe TID: 7048Thread sleep time: -300000s >= -30000s
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe TID: 5232Thread sleep time: -922337203685477s >= -30000s
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe TID: 4656Thread sleep time: -30000s >= -30000s
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe TID: 4260Thread sleep time: -922337203685477s >= -30000s
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe TID: 4320Thread sleep time: -922337203685477s >= -30000s
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe TID: 7048Thread sleep time: -300000s >= -30000s
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_ComputerSystem
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT UserName FROM Win32_ComputerSystem
            Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
            Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
            Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeLast function: Thread delayed
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeLast function: Thread delayed
            Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
            Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeThread delayed: delay time: 922337203685477
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeThread delayed: delay time: 300000
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeThread delayed: delay time: 922337203685477
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeThread delayed: delay time: 922337203685477
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeThread delayed: delay time: 922337203685477
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeThread delayed: delay time: 300000
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeThread delayed: delay time: 922337203685477
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeThread delayed: delay time: 300000
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeThread delayed: delay time: 300000
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeThread delayed: delay time: 922337203685477
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeThread delayed: delay time: 300000
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeThread delayed: delay time: 922337203685477
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeThread delayed: delay time: 922337203685477
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeThread delayed: delay time: 922337203685477
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeThread delayed: delay time: 300000
            Source: C:\Windows\SysWOW64\WerFault.exeFile opened: C:\ProgramData\Microsoft\Windows\WER\ReportQueue\
            Source: C:\Windows\SysWOW64\WerFault.exeFile opened: C:\ProgramData\Microsoft\Windows\
            Source: C:\Windows\SysWOW64\WerFault.exeFile opened: C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_FileZilla_3.67.1_b1d8707dd0e8f07444e01fbbc66cc7db671646f_d9daa34f_9e265d0b-d67d-4520-ac21-f891b6f9980f\
            Source: C:\Windows\SysWOW64\WerFault.exeFile opened: C:\ProgramData\Microsoft\Windows\WER\
            Source: C:\Windows\SysWOW64\WerFault.exeFile opened: C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_FileZilla_3.67.1_a7d39bd21e76c0e123ab695c2fcb1a3cdab88d_d9daa34f_fdbed2e1-2b91-43ac-8441-9af887df1af0\
            Source: C:\Windows\SysWOW64\WerFault.exeFile opened: C:\ProgramData\Microsoft\Windows\WER\ReportQueue
            Source: WebCompanionInstaller.exe, 00000008.00000002.3309998609.0000000005B00000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWu
            Source: WebCompanion.exe, 00000038.00000002.3292238601.00000000034E8000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V Guest Shutdown Service
            Source: WebCompanionInstaller.exe, 00000008.00000002.3288220309.00000000014D0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW8
            Source: WebCompanion.exe, 00000038.00000002.3292238601.00000000034E8000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: -Nk"!Hyper-V PowerShell Direct Service
            Source: WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmpBinary or memory string: vmware
            Source: WebCompanion.exe, 00000038.00000002.3292238601.00000000034E8000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: vmicshutdown
            Source: WebCompanion.exe, 00000038.00000002.3292238601.00000000034E8000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: -Nk%$Hyper-V Volume Shadow Copy Requestor
            Source: svchost.exe, 00000009.00000002.3292286836.0000016CDE418000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: NXTVMWare
            Source: WebCompanion.exe, 00000038.00000002.3292238601.00000000034E8000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: -Nk%$Hyper-V Time Synchronization Service
            Source: WebCompanion.exe, 00000038.00000002.3292238601.00000000034E8000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: vmicvss
            Source: FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2152551540.00000000007AD000.00000004.00000020.00020000.00000000.sdmp, FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000003.1483959513.00000000007E5000.00000004.00000020.00020000.00000000.sdmp, FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2152551540.00000000007E5000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3309998609.0000000005B00000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000002.3289660604.0000016CDD42B000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000002.3290602990.0000016CDD4D3000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3307195784.000000001B25B000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3289249077.00000000015A7000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
            Source: WebCompanionInstaller.exe, 00000008.00000002.3314539016.0000000005D60000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000C5E500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000007500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}C5
            Source: WebCompanion.exe, 00000038.00000002.3292238601.00000000034E8000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: -Nk.-Hyper-V Remote Desktop Virtualization Service
            Source: WebCompanion.exe, 00000038.00000002.3292238601.00000000034E8000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V Data Exchange Service
            Source: WebCompanion.exe, 00000038.00000002.3292238601.00000000034E8000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V Heartbeat Service
            Source: WebCompanion.exe, 00000038.00000002.3292238601.00000000034E8000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V Guest Service Interface
            Source: Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3307195784.000000001B25B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW"
            Source: WebCompanion.exe, 00000038.00000002.3290456534.0000000001289000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dllsU
            Source: DCIService.exe, 00000025.00000002.3289476525.0000017140DE7000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3339218992.0000000005B0C000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
            Source: WebCompanion.exe, 00000038.00000002.3292238601.00000000034E8000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: vmicheartbeat
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeProcess information queried: ProcessInformationJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeProcess queried: DebugPortJump to behavior
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeProcess queried: DebugPortJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess token adjusted: Debug
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess token adjusted: Debug
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeProcess token adjusted: Debug
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeMemory allocated: page read and write | page guard
            Source: C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exeProcess created: C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exe "C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exe" --silent --partner=FZ210427 --searchenblJump to behavior
            Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 2168 -ip 2168Jump to behavior
            Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 2168 -s 2464Jump to behavior
            Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 532 -p 2168 -ip 2168Jump to behavior
            Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 2168 -s 2596Jump to behavior
            Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 492 -p 2168 -ip 2168Jump to behavior
            Source: C:\Windows\System32\svchost.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 2168 -s 1192Jump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Windows\SysWOW64\sc.exe "sc.exe" Create "WCAssistantService" binPath= "C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe" DisplayName= "WC Assistant" start= autoJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Windows\SysWOW64\sc.exe "sc.exe" failure WCAssistantService reset= 30 actions= restart/60000Jump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Windows\SysWOW64\sc.exe "sc.exe" description "WCAssistantService" "Ad-Aware Web Companion Internet security service"Jump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Windows\System32\rundll32.exe "C:\Windows\sysnative\RunDLL32.Exe" syssetup,SetupInfObjectInstallAction BootInstall 128 C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bddci.infJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Windows\System32\net.exe "C:\Windows\sysnative\net.exe" start bddciJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1Jump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Windows\SysWOW64\sc.exe "sc.exe" description "DCIService" "Webprotection Bridge service"Jump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /C "C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bridge_start.cmd" Jump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /C netsh http add urlacl url=http://+:9007/ user=EveryoneJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeProcess created: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe "C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" --silent --install --geo= --searchenbl Jump to behavior
            Source: C:\Windows\System32\runonce.exeProcess created: C:\Windows\System32\grpconv.exe "C:\Windows\System32\grpconv.exe" -o
            Source: C:\Windows\System32\net.exeProcess created: C:\Windows\System32\net1.exe C:\Windows\system32\net1 start bddci
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\sc.exe sc start DCIService
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\netsh.exe netsh http add urlacl url=http://+:9007/ user=Everyone
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess created: C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe "C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\rrd1gvmr.cmdline"
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /C netsh http add urlacl url=http://+:9007/ user=Everyone
            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\netsh.exe netsh http add urlacl url=http://+:9007/ user=Everyone
            Source: C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exeProcess created: C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\user\AppData\Local\Temp\RES29AE.tmp" "c:\Users\user\AppData\Local\Temp\CSC299E.tmp"
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess created: C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe "C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\i6uwqyh0.cmdline"
            Source: C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exeProcess created: C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\user\AppData\Local\Temp\RES40C1.tmp" "c:\Users\user\AppData\Local\Temp\CSC40B0.tmp"
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeProcess created: unknown unknown
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll VolumeInformationJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll VolumeInformationJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll VolumeInformationJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll VolumeInformationJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll VolumeInformationJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll VolumeInformationJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeQueries volume information: C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeQueries volume information: C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll VolumeInformationJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll VolumeInformationJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll VolumeInformationJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll VolumeInformationJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeQueries volume information: C:\Users\user\AppData\Local\Temp\7zS46E8489B\Newtonsoft.Json.dll VolumeInformationJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeQueries volume information: C:\Users\user\AppData\Local\Temp\7zS46E8489B\Newtonsoft.Json.dll VolumeInformationJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll VolumeInformationJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll VolumeInformationJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll VolumeInformationJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll VolumeInformationJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeQueries volume information: C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeQueries volume information: C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll VolumeInformationJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll VolumeInformationJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeQueries volume information: C:\Users\user\AppData\Local\Temp\7zS46E8489B\ICSharpCode.SharpZipLib.dll VolumeInformationJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeQueries volume information: C:\Users\user\AppData\Local\Temp\7zS46E8489B\ICSharpCode.SharpZipLib.dll VolumeInformationJump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeQueries volume information: C:\ VolumeInformation
            Source: C:\Windows\SysWOW64\netsh.exeQueries volume information: C:\ VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\log4net.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\log4net.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.AppCore.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.AppCore.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Events.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Events.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Newtonsoft.Json.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Newtonsoft.Json.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Interop.LavasoftTcpServiceLib.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Interop.LavasoftTcpServiceLib.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\ICSharpCode.SharpZipLib.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\ICSharpCode.SharpZipLib.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SysInfo.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SysInfo.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Interop.IWshRuntimeLibrary.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Interop.IWshRuntimeLibrary.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\ VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Compression.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Compression.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\MozCompressor.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\System.Data.SQLite.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\System.Data.SQLite.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.Service.Logger.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.Service.Logger.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\log4net.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\log4net.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WcfService.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WcfService.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll VolumeInformation
            Source: C:\Windows\System32\netsh.exeQueries volume information: C:\ VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\log4net.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\log4net.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.AppCore.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.AppCore.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Events.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Events.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Newtonsoft.Json.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Newtonsoft.Json.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Interop.LavasoftTcpServiceLib.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Interop.LavasoftTcpServiceLib.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\ICSharpCode.SharpZipLib.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\ICSharpCode.SharpZipLib.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\en-US\WebCompanion.resources.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\en-US\WebCompanion.resources.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\System.Data.SQLite.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\System.Data.SQLite.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Compression.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Compression.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\MozCompressor.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\NCalc.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\NCalc.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\log4net.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\log4net.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.AppCore.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.AppCore.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Events.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Events.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Newtonsoft.Json.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Newtonsoft.Json.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Interop.LavasoftTcpServiceLib.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Interop.LavasoftTcpServiceLib.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\ICSharpCode.SharpZipLib.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Program Files (x86)\Lavasoft\Web Companion\Application\ICSharpCode.SharpZipLib.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll VolumeInformation
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeQueries volume information: C:\Windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll VolumeInformation
            Source: C:\Windows\System32\runonce.exeKey value queried: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\TimeZoneInformation Bias
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

            Lowering of HIPS / PFW / Operating System Security Settings

            barindex
            Modifies Internet Explorer zone settings
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeRegistry key created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 2301Jump to behavior
            Modifies Internet Explorer zonemap settings
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeRegistry key created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost *Jump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeRegistry key created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com httpJump to behavior
            Overwrites Mozilla Firefox settings
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeFile written: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\24a4ohrz.default-release\prefs.js
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeFile written: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\24a4ohrz.default-release\prefs.js
            Uses netsh to modify the Windows network and firewall settings
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\netsh.exe netsh http add urlacl url=http://+:9007/ user=Everyone
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeRegistry key created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4 BlobJump to behavior
            Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exeWMI Queries: IWbemServices::ExecQuery - root\SecurityCenter : SELECT * FROM AntivirusProduct

            Stealing of Sensitive Information

            barindex
            Tries to harvest and steal browser information (history, passwords, etc)
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.ini
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\24a4ohrz.default-release\search.json.mozlz4
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\24a4ohrz.default-release\prefs.js
            Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\kz8kl7vh.default\prefs.js

            Mitre Att&ck Matrix

            ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
            Gather Victim Identity InformationAcquire InfrastructureValid Accounts2
            Windows Management Instrumentation            		1
            DLL Side-Loading            		1
            DLL Side-Loading            		311
            Disable or Modify Tools            		1
            OS Credential Dumping            		1
            System Time Discovery            		Remote Services2
            Archive Collected Data            		2
            Ingress Tool Transfer            		Exfiltration Over Other Network Medium1
            Data Encrypted for Impact
            CredentialsDomainsDefault Accounts1
            Service Execution            		21
            Windows Service            		21
            Windows Service            		1
            Deobfuscate/Decode Files or Information            		LSASS Memory3
            File and Directory Discovery            		Remote Desktop Protocol3
            Browser Session Hijacking            		1
            Encrypted Channel            		Exfiltration Over BluetoothNetwork Denial of Service
            Email AddressesDNS ServerDomain AccountsAt211
            Registry Run Keys / Startup Folder            		11
            Process Injection            		1
            DLL Side-Loading            		Security Account Manager32
            System Information Discovery            		SMB/Windows Admin Shares1
            Data from Local System            		4
            Non-Application Layer Protocol            		Automated ExfiltrationData Encrypted for Impact
            Employee NamesVirtual Private ServerLocal AccountsCronLogin Hook211
            Registry Run Keys / Startup Folder            		1
            File Deletion            		NTDS1
            Query Registry            		Distributed Component Object ModelInput Capture5
            Application Layer Protocol            		Traffic DuplicationData Destruction
            Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script132
            Masquerading            		LSA Secrets131
            Security Software Discovery            		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
            Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts51
            Virtualization/Sandbox Evasion            		Cached Domain Credentials11
            Process Discovery            		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
            DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items11
            Process Injection            		DCSync51
            Virtualization/Sandbox Evasion            		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
            Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job1
            Rundll32            		Proc Filesystem1
            Application Window Discovery            		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement

            Behavior Graph

            Hide Legend

            Legend:

            • Process
            • Signature
            • Created File
            • DNS/IP Info
            • Is Dropped
            • Is Windows Process
            • Number of created Registry Values
            • Number of created Files
            • Visual Basic
            • Delphi
            • Java
            • .Net C# or VB.NET
            • C, C++ or other language
            • Is malicious
            • Internet
            behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1478260 Sample: FileZilla_3.67.1_win64_spon... Startdate: 22/07/2024 Architecture: WINDOWS Score: 48 124 webcompanion.com 2->124 126 www.google.com 2->126 128 13 other IPs or domains 2->128 142 Multi AV Scanner detection for dropped file 2->142 144 Detected potential unwanted application 2->144 146 Yara detected Generic Downloader 2->146 148 Sigma detected: Dot net compiler compiles file from suspicious location 2->148 11 FileZilla_3.67.1_win64_sponsored-setup.exe 45 2->11         started        15 WebCompanion.exe 2->15         started        18 Lavasoft.WCAssistant.WinService.exe 2->18         started        20 5 other processes 2->20 signatures3 process4 dnsIp5 138 webcompanion.com 104.19.208.152, 443, 49709, 49715 CLOUDFLARENETUS United States 11->138 140 filezilla-project.org 49.12.121.47, 443, 49707, 49708 HETZNER-ASDE Germany 11->140 114 C:\Users\user\AppData\Local\...\nsDialogs.dll, PE32 11->114 dropped 116 C:\Users\user\...\WcInstaller.exe (copy), PE32 11->116 dropped 118 C:\Users\user\AppData\Local\...\UserInfo.dll, PE32 11->118 dropped 122 6 other files (4 malicious) 11->122 dropped 22 WcInstaller.exe 36 11->22         started        25 WerFault.exe 19 16 11->25         started        27 WerFault.exe 11->27         started        29 WerFault.exe 11->29         started        120 C:\Users\user\AppData\Roaming\...\prefs.js, ASCII 15->120 dropped 164 Overwrites Mozilla Firefox settings 15->164 166 Tries to harvest and steal browser information (history, passwords, etc) 15->166 31 csc.exe 15->31         started        168 Creates files in the system32 config directory 18->168 33 cmd.exe 18->33         started        35 WerFault.exe 2 20->35         started        37 WerFault.exe 20->37         started        39 WerFault.exe 20->39         started        file6 signatures7 process8 file9 90 C:\...\WebCompanionInstaller.resources.dll, PE32 22->90 dropped 92 C:\...\WebCompanionInstaller.resources.dll, PE32 22->92 dropped 94 C:\...\WebCompanionInstaller.resources.dll, PE32 22->94 dropped 98 11 other malicious files 22->98 dropped 41 WebCompanionInstaller.exe 55 282 22->41         started        96 C:\Users\user\AppData\Local\...\i6uwqyh0.dll, PE32 31->96 dropped 46 conhost.exe 31->46         started        48 cvtres.exe 31->48         started        50 netsh.exe 33->50         started        52 conhost.exe 33->52         started        process10 dnsIp11 130 wc-update-service.lavasoft.com 64.18.87.82, 49723, 80 MTOCA Canada 41->130 132 flow.lavasoft.com 104.16.148.130, 49720, 80 CLOUDFLARENETUS United States 41->132 134 2 other IPs or domains 41->134 106 C:\Program Files (x86)\Lavasoft\...\ssl.dll, PE32+ 41->106 dropped 108 C:\Program Files (x86)\Lavasoft\...\smtp.dll, PE32+ 41->108 dropped 110 C:\Program Files (x86)\Lavasoft\...\smb.dll, PE32+ 41->110 dropped 112 203 other files (69 malicious) 41->112 dropped 156 Writes a notice file (html or txt) to demand a ransom 41->156 158 Modifies Internet Explorer zone settings 41->158 160 Modifies Internet Explorer zonemap settings 41->160 54 rundll32.exe 41->54         started        58 WebCompanion.exe 41->58         started        61 cmd.exe 41->61         started        63 7 other processes 41->63 162 Creates files in the system32 config directory 50->162 file12 signatures13 process14 dnsIp15 100 C:\Windows\system32\...\bddci.sys (copy), PE32+ 54->100 dropped 102 C:\Windows\System32\drivers\SET9770.tmp, PE32+ 54->102 dropped 150 Creates multiple autostart registry keys 54->150 152 Creates an autostart registry key pointing to binary in C:\Windows 54->152 65 runonce.exe 54->65         started        136 wsgeoip.lavasoft.com 64.18.87.4 MTOCA Canada 58->136 104 C:\Users\user\AppData\...\rrd1gvmr.cmdline, Unicode 58->104 dropped 67 csc.exe 58->67         started        154 Uses netsh to modify the Windows network and firewall settings 61->154 70 conhost.exe 61->70         started        72 sc.exe 61->72         started        74 conhost.exe 63->74         started        76 conhost.exe 63->76         started        78 conhost.exe 63->78         started        80 6 other processes 63->80 file16 signatures17 process18 file19 82 grpconv.exe 65->82         started        88 C:\Users\user\AppData\Local\...\rrd1gvmr.dll, PE32 67->88 dropped 84 conhost.exe 67->84         started        86 cvtres.exe 67->86         started        process20

            Screenshots

            Thumbnails

            This section contains all screenshots as thumbnails, including those not shown in the slideshow.


            windows-stand

            Antivirus, Machine Learning and Genetic Malware Detection

            Initial Sample

            SourceDetectionScannerLabelLink
            FileZilla_3.67.1_win64_sponsored-setup.exe4%ReversingLabsWin32.Malware.FileZillaBundleInstaller

            Dropped Files

            SourceDetectionScannerLabelLink
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\7za.exe3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\Ad-Aware Web Companion.exe3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\BCUEngineS.dll4%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\BCUSDK.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\DotNetZip.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\Esent.Interop.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\ICSharpCode.SharpZipLib.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\Interop.IWshRuntimeLibrary.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\Interop.LavasoftTcpServiceLib.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\Interop.SHDocVw.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\Interop.Shell32.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\Interop.WUApiLib.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\Ionic.Zip.dll4%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\LZ4.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.AppCore.dll4%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Automation.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.CSharp.Utilities.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Compression.dll4%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Events.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Extension.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.IEController.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Omni.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Search.exe5%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll5%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Repositories.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Settings.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SysInfo.dll4%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll4%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll4%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.Service.Logger.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WcfService.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe4%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\Microsoft.mshtml.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\MozCompressor.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\NCalc.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\Newtonsoft.Json.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\System.Data.SQLite.dll0%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\WcCommunication.exe3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.Loader.exe3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe4%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionExtensionIE.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionInstaller.exe13%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\acs17.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\de-DE\WebCompanion.resources.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\de-DE\WebCompanionInstaller.resources.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\en-US\WebCompanion.resources.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\en-US\WebCompanionInstaller.resources.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\es-ES\WebCompanion.resources.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\es-ES\WebCompanionInstaller.resources.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\fr-CA\WebCompanion.resources.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\fr-CA\WebCompanionInstaller.resources.dll5%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\it-IT\WebCompanion.resources.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\it-IT\WebCompanionInstaller.resources.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\ja-JP\WebCompanion.resources.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\ja-JP\WebCompanionInstaller.resources.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\liblz4.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\log4net.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\pt-BR\WebCompanion.resources.dll4%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\pt-BR\WebCompanionInstaller.resources.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\ru-RU\WebCompanion.resources.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\ru-RU\WebCompanionInstaller.resources.dll3%ReversingLabs
            C:\Program Files (x86)\Lavasoft\Web Companion\Application\tr-TR\WebCompanion.resources.dll3%ReversingLabs

            Unpacked PE Files

            No Antivirus matches

            Domains

            No Antivirus matches

            URLs

            SourceDetectionScannerLabelLink
            http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Text0%URL Reputationsafe
            http://schemas.xmlsoap.org/ws/2005/02/sc/sct0%URL Reputationsafe
            http://tempuri.org/0%URL Reputationsafe
            http://schemas.xmlsoap.org/2005/02/trust/spnego#GSS_Wrap0%URL Reputationsafe
            http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID0%URL Reputationsafe
            http://schemas.xmlsoap.org/ws/2004/10/wsat/fault0%URL Reputationsafe
            http://schemas.xmlsoap.org/ws/2004/10/wsat0%URL Reputationsafe
            http://schemas.xmlsoap.org/ws/2004/04/trust/SymmetricKey0%URL Reputationsafe
            http://schemas.xmlsoap.org/ws/2004/04/security/trust/CK/PSHA10%URL Reputationsafe
            http://schemas.xmlsoap.org/ws/2005/02/trust/tlsnego0%URL Reputationsafe
            http://schemas.xmlsoap.org/ws/2004/08/addressing0%URL Reputationsafe
            http://schemas.xmlsoap.org/ws/2004/10/wscoor/CreateCoordinationContextResponse0%URL Reputationsafe
            http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID0%URL Reputationsafe
            http://schemas.xmlsoap.org/ws/2006/02/addressingidentity0%URL Reputationsafe
            http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/SCT0%URL Reputationsafe
            http://schemas.xmlsoap.org/ws/2004/04/security/trust/Nonce0%URL Reputationsafe
            http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#GSS_Kerberosv5_AP_REQ15100%URL Reputationsafe
            http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd0%URL Reputationsafe
            http://schemas.xmlsoap.org/ws/2005/02/trust/CK/PSHA10%URL Reputationsafe
            http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA10%URL Reputationsafe
            http://schemas.xmlsoap.org/ws/2005/05/identity/right/possessproperty0%URL Reputationsafe
            http://schemas.xmlsoap.org/2005/02/trust/tlsnego#TLS_Wrap0%URL Reputationsafe
            https://webcompanion.com/unsafe.php?utm_source=WCse.dll0%Avira URL Cloudsafe
            http://www.codeproject.com/Articles/28093/Using-RoutedCommands-with-a-ViewModel-in-WPF0%Avira URL Cloudsafe
            http://wc-partners.lavasoft.com/Partner.svc/GetPartnerInfo?partner=FZ2104270%Avira URL Cloudsafe
            http://wc-update-service.lavasoft.com0%Avira URL Cloudsafe
            https://offers.filezilla-project.org/0%Avira URL Cloudsafe
            https://webcompanion.com/terms0%Avira URL Cloudsafe
            http://pp.webcompanion.com/unsafe.php?utm_source=WC0%Avira URL Cloudsafe
            http://tempuri.org/IWCAssistantService/CreatUninstallInfo0%Avira URL Cloudsafe
            http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd.xsd0%Avira URL Cloudsafe
            http://tempuri.org/IWCAssistantService/SetSearchEngineIE0%Avira URL Cloudsafe
            https://flow.lavasoft.com/v1/event-stat?Type=FeatureActionInfo&ProductID=wc&EventVersion=10%Avira URL Cloudsafe
            http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsdurity0%Avira URL Cloudsafe
            http://docs.oasis-open.org/ws-tx/wsat/2006/06/fault0%Avira URL Cloudsafe
            http://Passport.NET/tb_0%Avira URL Cloudsafe
            http://tempuri.org/SendWCFeedbackT0%Avira URL Cloudsafe
            http://webcompanion.com/1http://www.lavasoft.com/Ghttp://webcompanion.com/unsafe?url=Qhttps://appdow0%Avira URL Cloudsafe
            https://media.adaware.com/moviesextension/thankyou.php?partnerID=BT151101&sourceTraffic=WCU19080%Avira URL Cloudsafe
            http://webcompanion.com/ff_extension/ffLanguages.json0%Avira URL Cloudsafe
            https://login.microsoftonline.com/ppsecure/DeviceDisassociate.srf.0%Avira URL Cloudsafe
            http://docs.oasis-open.org/ws-tx/wsat/2006/06/Replay0%Avira URL Cloudsafe
            https://flow.lavasoft.com/v1/event-stat?Type=UIOpen&ProductID=wc&EventVersion=10%Avira URL Cloudsafe
            http://upclick.com/GetCountryNameByISO2T0%Avira URL Cloudsafe
            https://webcompanion.com/nano_download.php?partner=FZ2104270%Avira URL Cloudsafe
            http://lavasoft.com/GetIpLocation_2_0T0%Avira URL Cloudsafe
            http://docs.oasis-open.org/ws-tx/wsat/2006/06/Aborted0%Avira URL Cloudsafe
            http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd04/010%Avira URL Cloudsafe
            http://tempuri.org/IWCAssistantService/RunProcess0%Avira URL Cloudsafe
            http://schemas.xmlsoap.org/ws/2005/02/sc(0%Avira URL Cloudsafe
            http://tempuri.org/IWCAssistantService/0%Avira URL Cloudsafe
            http://crl.ver)0%Avira URL Cloudsafe
            http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsdCiph0%Avira URL Cloudsafe
            http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdAAAAAA0%Avira URL Cloudsafe
            http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdrit0%Avira URL Cloudsafe
            https://webcompanion.com/download_extensions.php?partnerID=0%Avira URL Cloudsafe
            https://www.adaware.com/sites/default/files/installers/H2OAutoUpdate/WCU006_s.exe0%Avira URL Cloudsafe
            http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdnLJoj0%Avira URL Cloudsafe
            http://tempuri.org/WcSendAutoResponseEmailT0%Avira URL Cloudsafe
            http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3p~0%Avira URL Cloudsafe
            https://account.live.com/inlinesignup.aspx?iww=1&id=80601l0%Avira URL Cloudsafe
            http://html4/loose.dtd0%Avira URL Cloudsafe
            http://crl.entrust.net/g2ca.crl00%Avira URL Cloudsafe
            https://login.microsoftonline.com/ppsecure/deviceremovecredential.srf0%Avira URL Cloudsafe
            https://login.microsoftonline.com/ppsecure/DeviceQuery.srf0%Avira URL Cloudsafe
            https://acs.lavasoft.com/api/v2/url/permanentwhitelist0%Avira URL Cloudsafe
            http://docs.oasis-open.org/ws-tx/wscoor/2006/06/RegisterResponse0%Avira URL Cloudsafe
            https://login.microsoftonline.com/ppsecure/devicechangecredential.srfen0%Avira URL Cloudsafe
            https://svn.apache.org/repos/asf/logging/log4net/tags/1.2.13RC30%Avira URL Cloudsafe
            http://www.w3.X0%Avira URL Cloudsafe
            http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdrt/So0%Avira URL Cloudsafe
            https://sdl.adaware.com/?bundleid=WCU001&savename=WCUpdater.exe0%Avira URL Cloudsafe
            http://docs.oasis-open.org/ws-tx/wsat/2006/06/Completion0%Avira URL Cloudsafe
            https://account.live.com/inlinesignup.aspx?iww=1&id=80600e0%Avira URL Cloudsafe
            https://offers.filezilla-project.org/offer.php?v=1&c=2021a/SILENTgetOK0%Avira URL Cloudsafe
            http://tempuri.org/IWCAssistantService/CopyFilesT0%Avira URL Cloudsafe
            https://login.microsoftonline.com/ppsecure/DeviceUpdate.srf%0%Avira URL Cloudsafe
            http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue0%Avira URL Cloudsafe
            http://www.apache.org/).0%Avira URL Cloudsafe
            http://tempuri.org/IWCAssistantService/SetSearchEngineIET0%Avira URL Cloudsafe
            http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/SCT/Renew0%Avira URL Cloudsafe
            https://webcompanion.com/nano_download.php?partner=FZ210427download.php?partner=FZ2104270%Avira URL Cloudsafe
            http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512/dk/p_sha10%Avira URL Cloudsafe
            http://webcompanion.com/images/email/tw-icon.png0%Avira URL Cloudsafe
            http://.jpg0%Avira URL Cloudsafe
            https://account.live.com/inlinesignup.aspx?iww=1&amp;id=806010%Avira URL Cloudsafe
            http://sdl.adaware.com/?bundleid=WCUN001&savename=WCUN001.exe0%Avira URL Cloudsafe
            https://signup.live.com/signup.aspx0%Avira URL Cloudsafe
            http://schemas.datacontract.org/2004/07/SearchProtect.WcfService60%Avira URL Cloudsafe
            https://account.live.com/inlinesignup.aspx?iww=1&amp;id=806000%Avira URL Cloudsafe
            http://docs.oasis-open.org/ws-tx/wsat/2006/06/Rollback0%Avira URL Cloudsafe
            https://webcompanion.com/termsAhttps://webcompanion.com/privacy0%Avira URL Cloudsafe
            https://offers.filezilla-project.org/get.php?offer=2021a0%Avira URL Cloudsafe
            https://account.live.com/inlinesignup.aspx?iww=1&amp;id=806030%Avira URL Cloudsafe
            https://account.live.com/inlinesignup.aspx?iww=1&amp;id=806050%Avira URL Cloudsafe
            https://account.live.com/inlinesignup.aspx?iww=1&amp;id=806040%Avira URL Cloudsafe
            http://tempuri.org/SendFeedbackT0%Avira URL Cloudsafe
            http://docs.oasis-open.org/ws-tx/wsat/2006/060%Avira URL Cloudsafe
            http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsde:Se0%Avira URL Cloudsafe
            https://acscdn.lavasoft.com/permanentUrlWhitelist.json0%Avira URL Cloudsafe

            Domains and IPs

            Contacted Domains

            NameIPActiveMaliciousAntivirus DetectionReputation
            sg-bitmask.adaware.com
            		104.16.213.94
            		truefalse
              		unknown
              filezilla-project.org
              		49.12.121.47
              		truefalse
                		unknown
                webcompanion.com
                		104.19.208.152
                		truetrue
                  		unknown
                  acscdn.lavasoft.com
                  		104.16.149.130
                  		truefalse
                    		unknown
                    wc-partners.lavasoft.com
                    		64.18.87.82
                    		truefalse
                      		unknown
                      wc-update-service.lavasoft.com
                      		64.18.87.82
                      		truefalse
                        		unknown
                        bg.microsoft.map.fastly.net
                        		199.232.210.172
                        		truefalse
                          		unknown
                          rt.webcompanion.com
                          		104.19.159.224
                          		truefalse
                            		unknown
                            wcdownloadercdn.lavasoft.com
                            		104.16.149.130
                            		truefalse
                              		unknown
                              acs.lavasoft.com
                              		104.16.149.130
                              		truefalse
                                		unknown
                                www.google.com
                                		172.217.18.4
                                		truefalse
                                  		unknown
                                  flow.lavasoft.com
                                  		104.16.148.130
                                  		truefalse
                                    		unknown
                                    wsgeoip.lavasoft.com
                                    		64.18.87.4
                                    		truefalse
                                      		unknown
                                      offers.filezilla-project.org
                                      		unknown
                                      		unknownfalse
                                        		unknown
                                        ocsp.entrust.net
                                        		unknown
                                        		unknownfalse
                                          		unknown

                                          Contacted URLs

                                          NameMaliciousAntivirus DetectionReputation
                                          http://wc-partners.lavasoft.com/Partner.svc/GetPartnerInfo?partner=FZ210427false
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://flow.lavasoft.com/v1/event-stat?Type=FeatureActionInfo&ProductID=wc&EventVersion=1false
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://webcompanion.com/nano_download.php?partner=FZ210427false
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://flow.lavasoft.com/v1/event-stat?Type=UIOpen&ProductID=wc&EventVersion=1false
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://acs.lavasoft.com/api/v2/url/permanentwhitelistfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://offers.filezilla-project.org/get.php?offer=2021afalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://acscdn.lavasoft.com/permanentUrlWhitelist.jsonfalse
                                          • Avira URL Cloud: safe
                                          		unknown

                                          URLs from Memory and Binaries

                                          NameSourceMaliciousAntivirus DetectionReputation
                                          http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#TextLavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • URL Reputation: safe
                                          		unknown
                                          http://schemas.xmlsoap.org/ws/2005/02/sc/sctLavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • URL Reputation: safe
                                          		unknown
                                          https://webcompanion.com/termsFileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000003.1483376182.00000000007F1000.00000004.00000020.00020000.00000000.sdmp, FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2152049333.000000000042F000.00000004.00000001.01000000.00000003.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://tempuri.org/IWCAssistantService/SetSearchEngineIELavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.00000000023F6000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://webcompanion.com/unsafe.php?utm_source=WCse.dllDCIService.exe, 00000025.00000002.3289476525.0000017140DC0000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://www.codeproject.com/Articles/28093/Using-RoutedCommands-with-a-ViewModel-in-WPFWebCompanion.exe, 00000029.00000000.2333873826.00000000009B4000.00000002.00000001.01000000.00000025.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://pp.webcompanion.com/unsafe.php?utm_source=WCWebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003546000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://tempuri.org/IWCAssistantService/CreatUninstallInfoLavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.00000000023F6000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://tempuri.org/WebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000034E8000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003471000.00000004.00000800.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmp, WebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003546000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000033.00000002.3293841549.0000000003241000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3359376849.0000000008623000.00000004.08000000.00040000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.00000000031D1000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.0000000003649000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3305362152.00000000044A0000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3342275998.0000000008090000.00000004.08000000.00040000.00000000.sdmpfalse
                                          • URL Reputation: safe
                                          		unknown
                                          http://schemas.xmlsoap.org/2005/02/trust/spnego#GSS_WrapLavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • URL Reputation: safe
                                          		unknown
                                          http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLIDLavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • URL Reputation: safe
                                          		unknown
                                          http://wc-update-service.lavasoft.comWebCompanionInstaller.exe, 00000008.00000002.3291695530.00000000034E8000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3293841549.0000000003241000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.00000000031D1000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.0000000003649000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://offers.filezilla-project.org/FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2152551540.0000000000781000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd.xsdsvchost.exe, 00000009.00000003.1704187826.0000016CDDD55000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsduritysvchost.exe, 00000009.00000003.1837291475.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://tempuri.org/SendWCFeedbackTWebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://media.adaware.com/moviesextension/thankyou.php?partnerID=BT151101&sourceTraffic=WCU1908WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://webcompanion.com/ff_extension/ffLanguages.jsonWebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://docs.oasis-open.org/ws-tx/wsat/2006/06/faultLavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://schemas.xmlsoap.org/ws/2004/10/wsat/faultLavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • URL Reputation: safe
                                          		unknown
                                          http://schemas.xmlsoap.org/ws/2004/10/wsatLavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • URL Reputation: safe
                                          		unknown
                                          http://webcompanion.com/1http://www.lavasoft.com/Ghttp://webcompanion.com/unsafe?url=Qhttps://appdowWebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://login.microsoftonline.com/ppsecure/DeviceDisassociate.srf.svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://Passport.NET/tb_svchost.exe, 00000009.00000002.3289810921.0000016CDD45F000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000002.3293142416.0000016CDE4D9000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://upclick.com/GetCountryNameByISO2TWebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://schemas.xmlsoap.org/ws/2004/04/trust/SymmetricKeyLavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • URL Reputation: safe
                                          		unknown
                                          http://lavasoft.com/GetIpLocation_2_0TWcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmp, WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://docs.oasis-open.org/ws-tx/wsat/2006/06/ReplayLavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://docs.oasis-open.org/ws-tx/wsat/2006/06/AbortedLavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://tempuri.org/IWCAssistantService/RunProcessLavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.00000000023F6000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://crl.ver)svchost.exe, 00000009.00000002.3290602990.0000016CDD4D3000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://schemas.xmlsoap.org/ws/2004/04/security/trust/CK/PSHA1Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • URL Reputation: safe
                                          		unknown
                                          http://schemas.xmlsoap.org/ws/2005/02/sc(svchost.exe, 00000009.00000003.1837240395.0000016CDDD6E000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000002.3291936857.0000016CDDD6E000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd04/01svchost.exe, 00000009.00000003.1679517145.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://tempuri.org/IWCAssistantService/Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.00000000023F6000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://schemas.xmlsoap.org/ws/2005/02/trust/tlsnegoLavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • URL Reputation: safe
                                          		unknown
                                          https://www.adaware.com/sites/default/files/installers/H2OAutoUpdate/WCU006_s.exeWebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000033.00000002.3293841549.0000000003241000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdAAAAAAsvchost.exe, 00000009.00000003.1691787529.0000016CDDD55000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsdCiphsvchost.exe, 00000009.00000003.1837240395.0000016CDDD6E000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000002.3291936857.0000016CDDD6E000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://schemas.xmlsoap.org/ws/2004/08/addressingWebCompanionInstaller.exe, 00000008.00000002.3291695530.0000000003471000.00000004.00000800.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002453000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3293841549.0000000003241000.00000004.00000800.00020000.00000000.sdmp, WebCompanion.exe, 00000038.00000002.3292238601.00000000031D1000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • URL Reputation: safe
                                          		unknown
                                          https://webcompanion.com/download_extensions.php?partnerID=WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdritsvchost.exe, 00000009.00000003.1704572860.0000016CDDD53000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdnLJojsvchost.exe, 00000009.00000002.3291680994.0000016CDDD58000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1837291475.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://tempuri.org/WcSendAutoResponseEmailTWebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3p~Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://schemas.xmlsoap.org/ws/2004/10/wscoor/CreateCoordinationContextResponseLavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • URL Reputation: safe
                                          		unknown
                                          https://account.live.com/inlinesignup.aspx?iww=1&id=80601lsvchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://crl.entrust.net/g2ca.crl0WcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanion.exe, 00000033.00000002.3364273388.00000000099BF000.00000004.00000020.00020000.00000000.sdmp, Microsoft.mshtml.dll.8.dr, DCIService.exe0.8.dr, System.Data.SQLite.dll.8.dr, Interop.Shell32.dll.8.dr, WebCompanion.resources.dll4.8.dr, WebCompanionInstaller.resources.dll8.8.dr, WebCompanionInstaller.resources.dll1.8.dr, ICSharpCode.SharpZipLib.dll.4.dr, WebCompanionInstaller.resources.dll3.8.dr, Newtonsoft.Json.dll.8.dr, WebCompanionExtensionIE.dll.8.drfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://html4/loose.dtdDCIService.exe, 00000025.00000002.3292995652.00007FFBAAE5D000.00000002.00000001.01000000.00000019.sdmp, bddcihttp.dll0.8.drfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://svn.apache.org/repos/asf/logging/log4net/tags/1.2.13RC3Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3305821810.000000001AF9C000.00000002.00000001.01000000.00000026.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3305078642.000000001AF52000.00000002.00000001.01000000.00000026.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionIDLavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • URL Reputation: safe
                                          		unknown
                                          https://login.microsoftonline.com/ppsecure/deviceremovecredential.srfsvchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://schemas.xmlsoap.org/ws/2006/02/addressingidentityLavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • URL Reputation: safe
                                          		unknown
                                          https://login.microsoftonline.com/ppsecure/DeviceQuery.srfsvchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664814505.0000016CDDD4D000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://login.microsoftonline.com/ppsecure/devicechangecredential.srfensvchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://docs.oasis-open.org/ws-tx/wscoor/2006/06/RegisterResponseLavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://www.w3.Xsvchost.exe, 00000009.00000002.3289810921.0000016CDD476000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdrt/Sosvchost.exe, 00000009.00000003.1704187826.0000016CDDD55000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://sdl.adaware.com/?bundleid=WCU001&savename=WCUpdater.exeWebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://account.live.com/inlinesignup.aspx?iww=1&id=80600esvchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://docs.oasis-open.org/ws-tx/wsat/2006/06/CompletionLavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://offers.filezilla-project.org/offer.php?v=1&c=2021a/SILENTgetOKFileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2152551540.0000000000731000.00000004.00000020.00020000.00000000.sdmp, FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2153381222.0000000002746000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/SCTLavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • URL Reputation: safe
                                          		unknown
                                          http://www.apache.org/).Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3305078642.000000001AF52000.00000002.00000001.01000000.00000026.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://tempuri.org/IWCAssistantService/CopyFilesTWebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://login.microsoftonline.com/ppsecure/DeviceUpdate.srf%svchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/IssueLavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://schemas.xmlsoap.org/ws/2004/04/security/trust/NonceLavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • URL Reputation: safe
                                          		unknown
                                          http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#GSS_Kerberosv5_AP_REQ1510Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • URL Reputation: safe
                                          		unknown
                                          http://tempuri.org/IWCAssistantService/SetSearchEngineIETWebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000038.00000002.3329949359.00000000065B2000.00000002.00000001.01000000.0000002C.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/SCT/RenewLavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512/dk/p_sha1Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://webcompanion.com/images/email/tw-icon.pngWebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmp, WebCompanion.exe, 00000033.00000002.3360225784.00000000087A2000.00000002.00000001.01000000.0000003B.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdsvchost.exe, 00000009.00000002.3291936857.0000016CDDD6E000.00000004.00000020.00020000.00000000.sdmp, Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • URL Reputation: safe
                                          		unknown
                                          https://webcompanion.com/nano_download.php?partner=FZ210427download.php?partner=FZ210427FileZilla_3.67.1_win64_sponsored-setup.exe, 00000000.00000002.2154093341.00000000054C0000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://schemas.xmlsoap.org/ws/2005/02/trust/CK/PSHA1Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • URL Reputation: safe
                                          		unknown
                                          http://.jpgDCIService.exe, 00000025.00000002.3292995652.00007FFBAAE5D000.00000002.00000001.01000000.00000019.sdmp, bddcihttp.dll0.8.drfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://signup.live.com/signup.aspxsvchost.exe, 00000009.00000002.3289725560.0000016CDD447000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664927838.0000016CDDD40000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664413515.0000016CDDD2C000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664814505.0000016CDDD4D000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664876494.0000016CDDD3B000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • URL Reputation: safe
                                          		unknown
                                          http://schemas.xmlsoap.org/ws/2005/05/identity/right/possesspropertyLavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002606000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • URL Reputation: safe
                                          		unknown
                                          http://sdl.adaware.com/?bundleid=WCUN001&savename=WCUN001.exeWcInstaller.exe, 00000004.00000003.1653134046.0000000000510000.00000004.00001000.00020000.00000000.sdmp, WcInstaller.exe, 00000004.00000003.1652962044.00000000022F3000.00000004.00000020.00020000.00000000.sdmp, WebCompanionInstaller.exe, 00000008.00000000.1653333588.0000000000DD2000.00000002.00000001.01000000.00000010.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://account.live.com/inlinesignup.aspx?iww=1&amp;id=80601svchost.exe, 00000009.00000003.1665100750.0000016CDDD56000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664413515.0000016CDDD29000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664520852.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://schemas.datacontract.org/2004/07/SearchProtect.WcfService6WebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://account.live.com/inlinesignup.aspx?iww=1&amp;id=80600svchost.exe, 00000009.00000003.1664413515.0000016CDDD29000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://account.live.com/inlinesignup.aspx?iww=1&amp;id=80603svchost.exe, 00000009.00000003.1665100750.0000016CDDD56000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664413515.0000016CDDD29000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664520852.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://docs.oasis-open.org/ws-tx/wsat/2006/06/RollbackLavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://webcompanion.com/termsAhttps://webcompanion.com/privacyWebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://tempuri.org/SendFeedbackTWebCompanion.exe, 00000029.00000000.2333873826.0000000000B89000.00000002.00000001.01000000.00000025.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://account.live.com/inlinesignup.aspx?iww=1&amp;id=80605svchost.exe, 00000009.00000003.1665100750.0000016CDDD56000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664413515.0000016CDDD29000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664520852.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://account.live.com/inlinesignup.aspx?iww=1&amp;id=80604svchost.exe, 00000009.00000003.1665100750.0000016CDDD56000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664413515.0000016CDDD29000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000009.00000003.1664520852.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://schemas.xmlsoap.org/2005/02/trust/tlsnego#TLS_WrapLavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • URL Reputation: safe
                                          		unknown
                                          http://docs.oasis-open.org/ws-tx/wsat/2006/06Lavasoft.WCAssistant.WinService.exe, 0000002A.00000002.3291832691.0000000002510000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsde:Sesvchost.exe, 00000009.00000003.1679517145.0000016CDDD52000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown

                                          World Map of Contacted IPs

                                          • No. of IPs < 25%
                                          • 25% < No. of IPs < 50%
                                          • 50% < No. of IPs < 75%
                                          • 75% < No. of IPs

                                          Public IPs

                                          IPDomainCountryFlagASNASN NameMalicious
                                          104.19.159.224
                                          		rt.webcompanion.comUnited States
                                          		13335CLOUDFLARENETUSfalse
                                          64.18.87.4
                                          		wsgeoip.lavasoft.comCanada
                                          		21548MTOCAfalse
                                          64.18.87.82
                                          		wc-partners.lavasoft.comCanada
                                          		21548MTOCAfalse
                                          104.16.149.130
                                          		acscdn.lavasoft.comUnited States
                                          		13335CLOUDFLARENETUSfalse
                                          104.19.208.152
                                          		webcompanion.comUnited States
                                          		13335CLOUDFLARENETUStrue
                                          104.16.148.130
                                          		flow.lavasoft.comUnited States
                                          		13335CLOUDFLARENETUSfalse
                                          49.12.121.47
                                          		filezilla-project.orgGermany
                                          		24940HETZNER-ASDEfalse

                                          General Information

                                          Joe Sandbox version:40.0.0 Tourmaline
                                          Analysis ID:1478260
                                          Start date and time:2024-07-22 12:49:18 +02:00
                                          Joe Sandbox product:CloudBasic
                                          Overall analysis duration:0h 10m 33s
                                          Hypervisor based Inspection enabled:false
                                          Report type:full
                                          Cookbook file name:default.jbs
                                          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                          Run name:Run with higher sleep bypass
                                          Number of analysed new started processes analysed:57
                                          Number of new started drivers analysed:0
                                          Number of existing processes analysed:0
                                          Number of existing drivers analysed:0
                                          Number of injected processes analysed:0
                                          Technologies:
                                          • EGA enabled
                                          • AMSI enabled
                                          Analysis Mode:default
                                          Analysis stop reason:Timeout
                                          Sample name:FileZilla_3.67.1_win64_sponsored-setup.exe
                                          Detection:MAL
                                          Classification:mal48.rans.phis.troj.spyw.expl.evad.winEXE@81/373@18/7
                                          Cookbook Comments:
                                          • Found application associated with file extension: .exe
                                          • Sleeps bigger than 100000000ms are automatically reduced to 1000ms

                                          Warnings

                                          • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WMIADAP.exe, SIHClient.exe, conhost.exe
                                          • Excluded IPs from analysis (whitelisted): 199.232.210.172, 20.190.159.4, 20.190.159.75, 20.190.159.0, 20.190.159.68, 20.190.159.23, 40.126.31.73, 20.190.159.73, 20.190.159.2, 20.189.173.21, 20.189.173.22, 20.42.73.29, 2.16.100.168, 88.221.110.91, 2.18.97.198
                                          • Excluded domains from analysis (whitelisted): prdv4a.aadg.msidentity.com, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, www.tm.v4.a.prd.aadg.trafficmanager.net, onedsblobprdwus17.westus.cloudapp.azure.com, ctldl.windowsupdate.com, e6913.dscx.akamaiedge.net, a767.dspw65.akamai.net, login.msa.msidentity.com, fe3cr.delivery.mp.microsoft.com, download.windowsupdate.com.edgesuite.net, ocsp.entrust.net.edgekey.net, ocsp.digicert.com, login.live.com, blobcollector.events.data.trafficmanager.net, onedsblobprdeus15.eastus.cloudapp.azure.com, onedsblobprdwus16.westus.cloudapp.azure.com, umwatson.events.data.microsoft.com, wu-b-net.trafficmanager.net, www.tm.lg.prod.aadmsa.trafficmanager.net
                                          • Not all processes where analyzed, report is missing behavior information
                                          • Report size exceeded maximum capacity and may have missing behavior information.
                                          • Report size exceeded maximum capacity and may have missing network information.
                                          • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                          • Report size getting too big, too many NtCreateKey calls found.
                                          • Report size getting too big, too many NtOpenKeyEx calls found.
                                          • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                          • Report size getting too big, too many NtQueryValueKey calls found.
                                          • Report size getting too big, too many NtQueryVolumeInformationFile calls found.
                                          • Report size getting too big, too many NtReadVirtualMemory calls found.
                                          • Report size getting too big, too many NtSetInformationFile calls found.
                                          • Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                          • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                          • VT rate limit hit for: FileZilla_3.67.1_win64_sponsored-setup.exe

                                          Simulations

                                          Behavior and APIs

                                          TimeTypeDescription
                                          06:51:11API Interceptor186x Sleep call for process: WebCompanionInstaller.exe modified
                                          06:52:26API Interceptor330722x Sleep call for process: Lavasoft.WCAssistant.WinService.exe modified
                                          06:52:29API Interceptor262115x Sleep call for process: WebCompanion.exe modified
                                          12:51:48AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run Web Companion C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
                                          12:51:56AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run Web Companion C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize

                                          Joe Sandbox View / Context

                                          IPs

                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                          104.19.159.224Setup.exeGet hashmaliciousUnknownBrowse
                                          • webcompanion.com/version_logs?json=true&version=13.900.0.1080
                                          Setup.exeGet hashmaliciousUnknownBrowse
                                          • webcompanion.com/version_logs?json=true&version=12.901.4.1003
                                          64.18.87.4SecuriteInfo.com.Program.Unwanted.4662.20461.1147.exeGet hashmaliciousUnknownBrowse
                                          • avsdklicenseservice.lavasoft.com/licenses.asmx
                                          SecuriteInfo.com.Program.Unwanted.4662.20461.1147.exeGet hashmaliciousUnknownBrowse
                                          • avsdklicenseservice.lavasoft.com/licenses.asmx
                                          https://filezilla-project.org/download.php?type=clientGet hashmaliciousUnknownBrowse
                                          • wsgeoip.lavasoft.com/ipservice.asmx
                                          Setup.exeGet hashmaliciousUnknownBrowse
                                          • wsgeoip.lavasoft.com/ipservice.asmx
                                          f_038023.exeGet hashmaliciousUnknownBrowse
                                          • wsgeoip.lavasoft.com/ipservice.asmx
                                          f_000aab.exeGet hashmaliciousUnknownBrowse
                                          • wsgeoip.lavasoft.com/ipservice.asmx
                                          f_000aab.exeGet hashmaliciousUnknownBrowse
                                          • wsgeoip.lavasoft.com/ipservice.asmx
                                          f_000aab.exeGet hashmaliciousUnknownBrowse
                                          • wsgeoip.lavasoft.com/ipservice.asmx
                                          Setup.exeGet hashmaliciousUnknownBrowse
                                          • wsgeoip.lavasoft.com/ipservice.asmx
                                          64.18.87.82Setup.exeGet hashmaliciousUnknownBrowse
                                          • wc-partners.lavasoft.com/Partner.svc/GetPartnerInfo?partner=IN240402_ac
                                          f_038023.exeGet hashmaliciousUnknownBrowse
                                          • wc-partners.lavasoft.com/Partner.svc/GetPartnerInfo?partner=IN220101_ac
                                          Setup.exeGet hashmaliciousUnknownBrowse
                                          • wc-partners.lavasoft.com/Partner.svc/GetPartnerInfo?partner=IN220101_ac
                                          Setup_WebCompanion.exeGet hashmaliciousUnknownBrowse
                                          • wc-partners.lavasoft.com/Partner.svc/GetPartnerInfo?partner=IN230401_ac
                                          f_0006a5.exeGet hashmaliciousUnknownBrowse
                                          • wc-partners.lavasoft.com/Partner.svc/GetPartnerInfo?partner=IN230401_ac
                                          Setup_WebCompanion.exeGet hashmaliciousUnknownBrowse
                                          • wc-partners.lavasoft.com/Partner.svc/GetPartnerInfo?partner=IN220101_ac
                                          5H9xyDlKjF.exeGet hashmaliciousUnknownBrowse
                                          • wc-partners.lavasoft.com/Partner.svc/GetPartnerInfo?partner=IN220101_ac
                                          bDti5SAf4E.exeGet hashmaliciousUnknownBrowse
                                          • wc-partners.lavasoft.com/Partner.svc/GetPartnerInfo?partner=IN220101_ac
                                          Jt8Q8FuhSy.exeGet hashmaliciousUnknownBrowse
                                          • wc-partners.lavasoft.com/Partner.svc/GetPartnerInfo?partner=IN220101_ac

                                          Domains

                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                          sg-bitmask.adaware.comSetup.exeGet hashmaliciousUnknownBrowse
                                          • 104.16.213.94
                                          Setup.exeGet hashmaliciousUnknownBrowse
                                          • 104.16.213.94
                                          Setup.exeGet hashmaliciousUnknownBrowse
                                          • 104.16.213.94
                                          Setup.exeGet hashmaliciousUnknownBrowse
                                          • 104.18.68.73
                                          f_038023.exeGet hashmaliciousUnknownBrowse
                                          • 104.18.68.73
                                          f_000aab.exeGet hashmaliciousUnknownBrowse
                                          • 104.18.67.73
                                          f_000aab.exeGet hashmaliciousUnknownBrowse
                                          • 104.18.67.73
                                          Setup.exeGet hashmaliciousUnknownBrowse
                                          • 104.18.67.73
                                          FileZilla_3.65.0_win64_sponsored-setup.exeGet hashmaliciousCobaltStrikeBrowse
                                          • 104.18.67.73
                                          FileZilla_3.65.0_win64_sponsored-setup.exeGet hashmaliciousCobaltStrikeBrowse
                                          • 104.18.67.73
                                          webcompanion.comSetup.exeGet hashmaliciousUnknownBrowse
                                          • 104.19.159.224
                                          Setup.exeGet hashmaliciousUnknownBrowse
                                          • 104.19.208.152
                                          Setup.exeGet hashmaliciousUnknownBrowse
                                          • 104.19.159.224
                                          https://webcompanion.com/nano_download.php?savename=Setup.exe&partner=IN230901&nonadmin&direct&tych&campaign=18022583703Get hashmaliciousUnknownBrowse
                                          • 104.19.208.152
                                          https://webcompanion.com/nano_download.php?Get hashmaliciousUnknownBrowse
                                          • 104.19.208.152
                                          https://webcompanion.com/nano_download.php?savename=Setup.exe&partner=IN240401&nonadmin&direct&tych&campaign=19742548718Get hashmaliciousUnknownBrowse
                                          • 104.19.208.152
                                          https://webcompanion.com/nano_download.php?savename=Setup.exe&partner=IN230901&nonadmin&direct&tych&campaign=18022583703Get hashmaliciousUnknownBrowse
                                          • 104.18.212.25
                                          https://webcompanion.com/nano_download.php?savename=Setup.exe&partner=IN230901&nonadmin&direct&tych&campaign=18022583703Get hashmaliciousUnknownBrowse
                                          • 104.18.212.25
                                          https://filezilla-project.org/download.php?type=clientGet hashmaliciousUnknownBrowse
                                          • 104.18.212.25
                                          filezilla-project.orghttps://download.filezilla-project.org/client/FileZilla_3.67.0_win64_sponsored2-setup.exeGet hashmaliciousUnknownBrowse
                                          • 49.12.121.47
                                          https://download.filezilla-project.org/client/FileZilla_3.67.0_win64_sponsored2-setup.exeGet hashmaliciousUnknownBrowse
                                          • 49.12.121.47
                                          https://download.filezilla-project.org/client/FileZilla_3.67.0_win64_sponsored2-setup.exeGet hashmaliciousUnknownBrowse
                                          • 49.12.121.47
                                          https://download.filezilla-project.org/client/FileZilla_3.67.0_win64_sponsored2-setup.exeGet hashmaliciousUnknownBrowse
                                          • 49.12.121.47
                                          https://download.filezilla-project.org/client/FileZilla_3.67.0_win64_sponsored2-setup.exeGet hashmaliciousUnknownBrowse
                                          • 49.12.121.47
                                          https://download.filezilla-project.org/client/FileZilla_3.67.0_win64_sponsored2-setup.exeGet hashmaliciousUnknownBrowse
                                          • 49.12.121.47
                                          https://download.filezilla-project.org/client/FileZilla_3.67.0_win64_sponsored2-setup.exeGet hashmaliciousUnknownBrowse
                                          • 49.12.121.47

                                          ASNs

                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                          MTOCASetup.exeGet hashmaliciousUnknownBrowse
                                          • 64.18.87.81
                                          Setup.exeGet hashmaliciousUnknownBrowse
                                          • 64.18.87.81
                                          Setup.exeGet hashmaliciousUnknownBrowse
                                          • 64.18.87.82
                                          SecuriteInfo.com.Program.Unwanted.4662.20461.1147.exeGet hashmaliciousUnknownBrowse
                                          • 64.18.87.4
                                          SecuriteInfo.com.Program.Unwanted.4662.20461.1147.exeGet hashmaliciousUnknownBrowse
                                          • 64.18.87.4
                                          ffff6f6.msiGet hashmaliciousUnknownBrowse
                                          • 64.18.87.10
                                          uXUrccWxXO.elfGet hashmaliciousUnknownBrowse
                                          • 67.22.231.120
                                          https://filezilla-project.org/download.php?type=clientGet hashmaliciousUnknownBrowse
                                          • 64.18.87.81
                                          dagQSRLYsB.elfGet hashmaliciousUnknownBrowse
                                          • 206.55.88.228
                                          CLOUDFLARENETUSDRAFT DOCUMENTS.jsGet hashmaliciousAgentTeslaBrowse
                                          • 172.67.207.214
                                          http://nys-ns.com/Get hashmaliciousUnknownBrowse
                                          • 104.19.229.21
                                          http://nys-ns.com/Get hashmaliciousUnknownBrowse
                                          • 104.16.51.111
                                          PG_320_MPI STEELPROCESS SRL_20240607_100526.xlsGet hashmaliciousRemcosBrowse
                                          • 188.114.96.3
                                          http://www.choeshop.comGet hashmaliciousUnknownBrowse
                                          • 1.1.1.1
                                          http://beonlineboo.comGet hashmaliciousUnknownBrowse
                                          • 1.1.1.1
                                          Transaction_Ref_000067_AC_4090_pdf.jsGet hashmaliciousWSHRATBrowse
                                          • 188.114.96.3
                                          file.exeGet hashmaliciousAmadey, Babadeda, Stealc, VidarBrowse
                                          • 172.64.41.3
                                          SecuriteInfo.com.Win64.Malware-gen.8656.30833.exeGet hashmaliciousLummaCBrowse
                                          • 188.114.96.3
                                          MTOCASetup.exeGet hashmaliciousUnknownBrowse
                                          • 64.18.87.81
                                          Setup.exeGet hashmaliciousUnknownBrowse
                                          • 64.18.87.81
                                          Setup.exeGet hashmaliciousUnknownBrowse
                                          • 64.18.87.82
                                          SecuriteInfo.com.Program.Unwanted.4662.20461.1147.exeGet hashmaliciousUnknownBrowse
                                          • 64.18.87.4
                                          SecuriteInfo.com.Program.Unwanted.4662.20461.1147.exeGet hashmaliciousUnknownBrowse
                                          • 64.18.87.4
                                          ffff6f6.msiGet hashmaliciousUnknownBrowse
                                          • 64.18.87.10
                                          uXUrccWxXO.elfGet hashmaliciousUnknownBrowse
                                          • 67.22.231.120
                                          https://filezilla-project.org/download.php?type=clientGet hashmaliciousUnknownBrowse
                                          • 64.18.87.81
                                          dagQSRLYsB.elfGet hashmaliciousUnknownBrowse
                                          • 206.55.88.228
                                          CLOUDFLARENETUSDRAFT DOCUMENTS.jsGet hashmaliciousAgentTeslaBrowse
                                          • 172.67.207.214
                                          http://nys-ns.com/Get hashmaliciousUnknownBrowse
                                          • 104.19.229.21
                                          http://nys-ns.com/Get hashmaliciousUnknownBrowse
                                          • 104.16.51.111
                                          PG_320_MPI STEELPROCESS SRL_20240607_100526.xlsGet hashmaliciousRemcosBrowse
                                          • 188.114.96.3
                                          http://www.choeshop.comGet hashmaliciousUnknownBrowse
                                          • 1.1.1.1
                                          http://beonlineboo.comGet hashmaliciousUnknownBrowse
                                          • 1.1.1.1
                                          Transaction_Ref_000067_AC_4090_pdf.jsGet hashmaliciousWSHRATBrowse
                                          • 188.114.96.3
                                          file.exeGet hashmaliciousAmadey, Babadeda, Stealc, VidarBrowse
                                          • 172.64.41.3
                                          SecuriteInfo.com.Win64.Malware-gen.8656.30833.exeGet hashmaliciousLummaCBrowse
                                          • 188.114.96.3

                                          JA3 Fingerprints

                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                          3b5074b1b5d032e5620f69f9f700ff0eDRAFT DOCUMENTS.jsGet hashmaliciousAgentTeslaBrowse
                                          • 104.19.159.224
                                          • 104.16.149.130
                                          http://beonlineboo.comGet hashmaliciousUnknownBrowse
                                          • 104.19.159.224
                                          • 104.16.149.130
                                          Banco_BPM__Copia_del_Pagamento.pdf.batGet hashmaliciousRemcosBrowse
                                          • 104.19.159.224
                                          • 104.16.149.130
                                          QvS0a5bvCMM8EUj.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                          • 104.19.159.224
                                          • 104.16.149.130
                                          DeqcE30sLb.exeGet hashmaliciousDCRatBrowse
                                          • 104.19.159.224
                                          • 104.16.149.130
                                          http://mbcxwo.comGet hashmaliciousUnknownBrowse
                                          • 104.19.159.224
                                          • 104.16.149.130
                                          SecuriteInfo.com.Win32.Malware-gen.28268.20656.exeGet hashmaliciousUnknownBrowse
                                          • 104.19.159.224
                                          • 104.16.149.130
                                          SecuriteInfo.com.Win32.Malware-gen.28268.20656.exeGet hashmaliciousUnknownBrowse
                                          • 104.19.159.224
                                          • 104.16.149.130
                                          qqMLbietPf.exeGet hashmaliciousDCRatBrowse
                                          • 104.19.159.224
                                          • 104.16.149.130
                                          37f463bf4616ecd445d4a1937da06e19Transaction_Ref_000067_AC_4090_pdf.jsGet hashmaliciousWSHRATBrowse
                                          • 49.12.121.47
                                          • 104.19.208.152
                                          Revised PI_2024.exeGet hashmaliciousGuLoader, Snake KeyloggerBrowse
                                          • 49.12.121.47
                                          • 104.19.208.152
                                          file.exeGet hashmaliciousBabuk, DjvuBrowse
                                          • 49.12.121.47
                                          • 104.19.208.152
                                          MN3OAv98T9.exeGet hashmaliciousLummaC, VidarBrowse
                                          • 49.12.121.47
                                          • 104.19.208.152
                                          file.exeGet hashmaliciousAmadey, Babadeda, Stealc, VidarBrowse
                                          • 49.12.121.47
                                          • 104.19.208.152
                                          SecuriteInfo.com.Win32.SpywareX-gen.5627.25731.dllGet hashmaliciousUnknownBrowse
                                          • 49.12.121.47
                                          • 104.19.208.152
                                          SecuriteInfo.com.Win32.SpywareX-gen.20276.19222.dllGet hashmaliciousUnknownBrowse
                                          • 49.12.121.47
                                          • 104.19.208.152
                                          SecuriteInfo.com.Win32.SpywareX-gen.5627.25731.dllGet hashmaliciousUnknownBrowse
                                          • 49.12.121.47
                                          • 104.19.208.152
                                          dfssjjj.exeGet hashmaliciousGhostRat, Mimikatz, NitolBrowse
                                          • 49.12.121.47
                                          • 104.19.208.152

                                          Dropped Files

                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                          C:\Program Files (x86)\Lavasoft\Web Companion\Application\7za.exehttps://filezilla-project.org/download.php?type=clientGet hashmaliciousUnknownBrowse
                                            C:\Program Files (x86)\Lavasoft\Web Companion\Application\Ad-Aware Web Companion.exehttps://filezilla-project.org/download.php?type=clientGet hashmaliciousUnknownBrowse
                                              C:\Program Files (x86)\Lavasoft\Web Companion\Application\BCUSDK.dllhttps://filezilla-project.org/download.php?type=clientGet hashmaliciousUnknownBrowse
                                                C:\Program Files (x86)\Lavasoft\Web Companion\Application\BCUEngineS.dllhttps://filezilla-project.org/download.php?type=clientGet hashmaliciousUnknownBrowse

                                                  Created / dropped Files

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\7za.exe

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):468184
                                                  Entropy (8bit):6.230723685020727
                                                  Encrypted:false
                                                  SSDEEP:6144:8511bCALveDe7tEw0IN3q1If9wZfgomh8wuAf4CBxrzBOVzZNkcI1FPjTI6e36b4:q11bCALveK7ddN3cEBfXBxBOVzwbmb
                                                  MD5:E68227603D05EA88F1E669177F9BEFE8
                                                  SHA1:3A0FE67C5AE771DB6C35CD14C7EA8212587A7458
                                                  SHA-256:03F819347899300796C7D8BEC97D754D29E47A246FECD98F606F73526F82234D
                                                  SHA-512:B759D2AA6B75CB310B7B953C19B25A67282BF1EA17A8C0C214CAF5C4E2E07CA32447FC195D1D214B13A799FFC310FFF4E2DB93FC916282CAA398458F5D103CB7
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Joe Sandbox View:
                                                  • Filename: , Detection: malicious, Browse
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........j.[...[...[...-.y.Z...-...P...[.......-.j.....-.i.T...@.Z...-.x.Z...-.|.Z...Rich[...................PE..d...p.mZ..........#..........N................@..............................@......y.......................................................D...x....0..........X_.......2...........................................................................................text............................... ..`.rdata..............................@..@.data....,..........................@....pdata..X_.......`..................@..@.rsrc........0......................@..@................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Ad-Aware Web Companion.exe

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):640216
                                                  Entropy (8bit):5.64654328257623
                                                  Encrypted:false
                                                  SSDEEP:12288:v8xS5Nrs9XMMYUfgps5ErCbOt8d/847cHIK:v8kTRMYog65KWCIK
                                                  MD5:EAC4717887788400A0F7236CAB8800DE
                                                  SHA1:E4AAFD6A58167B158BE798A0DB209D49A303D182
                                                  SHA-256:5E8DB9C0CAB2ACD9192F0E28991D109B0A9F46E3492264EDC8A659E507D40A9B
                                                  SHA-512:D1FFFF3FBFB27D52E417C0FAB9D4F65A504F0618F85F35584FAC63AFC51802C23E9E050BC16A20C97EF467B054050B668B84D9C5E78F16FC856469A08E36B84A
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Joe Sandbox View:
                                                  • Filename: , Detection: malicious, Browse
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......D..E..............[.......e.<.....d.....F.e.........................f....+e......._..............+Z.....Rich....................PE..L....}`e................."...l......z.............@.................................d.....@.....................................d........h...............2... ..hE.. ...8...........................@...@............................................textbssaV...............................text.... ...p...".................. ..`.rdata..\............&..............@..@.data....n...0......................@....idata..............................@..@.rsrc....h.......j..................@..@.reloc...P... ...R...@..............@..B........................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\BCUEngineS.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):3327776
                                                  Entropy (8bit):6.604049420317364
                                                  Encrypted:false
                                                  SSDEEP:49152:xy9jC5327LeAyDW06K6mBzsITo59wpGlU+2StoJrtf5inkE:xyjO32fyDW0Gm5sIToTwYTgh+
                                                  MD5:285F2AD79F10ED7F6C8C91C534744BB9
                                                  SHA1:A28E8E08B08A30F7768B4059730B4629832C6A84
                                                  SHA-256:4BD8DDDA775A10ECB5E57FC7ADA99D2C551B285E15609796667DA8CA6F999C7E
                                                  SHA-512:BD3E92DF412FA080D1C009BF0D0299F035D21382EF19C691EDF2F883E41542186C7670075FC44E2F874F96C071D8A48EE8A6DFB160F52D93F08B847E4B14C7CE
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 4%
                                                  Joe Sandbox View:
                                                  • Filename: , Detection: malicious, Browse
                                                  Preview:MZ......................@...................................(...........!..L.!This program cannot be run in DOS mode....$.........M..#...#...#.......#..l..#.."..#.kD..#.kD...#.kD..#.......#..l..#...#...#.......#..."...#..l..b.#..l..#..l..#.......#..l..#.Rich..#.................PE..L....r.U...........!......&.........y.........&.............................. 3.......2...@.........................../.f.......T.... 0.............H.2..2...00.......&.8....................8,.....H8,.@.............&.`............................text...7.&.......&................. ..`.rdata..6=....&..>....&.............@..@.data...d.... /......./.............@....tls..........0......./.............@....rsrc........ 0......./.............@..@.reloc..,....00......./.............@..B........................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\BCUSDK.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):727768
                                                  Entropy (8bit):6.43017428874408
                                                  Encrypted:false
                                                  SSDEEP:12288:sOtZcbZXzrsk548VyK8SbMAfQBM6LDkzOZYv3JSGeizoyDaH:sOrcbZT8AYBpLMO8SGHoyeH
                                                  MD5:E2D9615B09A39C15C6277C5E5D36C3B8
                                                  SHA1:E4A815235319E19CB02F06DAEE2FECB6F2B5753A
                                                  SHA-256:D27B1533E12176518E3C5545BFC15B951C0341F124FD8E9E00BC7CCCA26B57F8
                                                  SHA-512:5C9FA21FD10608E1C3FE46C985A31E10A8C4C27198D53605BE86257D9160E477CDF40DB1ADC2E0B05AD0EB300A5C5F8E57E1029AF1C60B8466DD50683DE3405F
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Joe Sandbox View:
                                                  • Filename: , Detection: malicious, Browse
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........P...>...>...>.mG....>..!....>..!..t.>..!....>.......>...>...>.......>...?.*.>.1.....>.1.....>.1.....>......>.1.....>.Rich..>.........................PE..L.....U...........!.....J..........`........`...............................`......j.....@..........................:.......-..x....0...................2...@...f...b..8........................... z..@............`..,............................text...LI.......J.................. ..`.rdata.......`.......N..............@..@.data........@.......,..............@....rsrc........0......................@..@.reloc.......@......................@..B................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\DotNetZip.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):470744
                                                  Entropy (8bit):6.847665009137063
                                                  Encrypted:false
                                                  SSDEEP:6144:cRYYIiJaeEWfTXQyu8+yi4ZiwAEsFdnQ6uw2lQc2RGtSV41OJDsTDDr1LUe6GNxM:cF9agBr6ilLS4msT1oe6kf+Pj
                                                  MD5:909C4F5B405A99D81D7707D8F2A5337B
                                                  SHA1:CAAE2D201AC336D85A54AA4CDA0641B88E36D3F3
                                                  SHA-256:4E193D41F12F1CB2EABCE6DAA3AA4AFBC71FD4DCF5ED62200E1638FD6A16EA72
                                                  SHA-512:8A76272C5DEA0BCC856021A7B36A99251C3EF347E1F876538E4ECCC375337B743F51662E11F9747E1CACB268DC37AB808B32137A1AFCFD7B23ECD10F28ABF884
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...q..Z.........." ..0.................. ... ....... .......................`............@.....................................O.... ...................2...@......d................................................ ............... ..H............text........ ...................... ..`.rsrc........ ......................@..@.reloc.......@......................@..B........................H.......@.................../............................................{....*"..}....*.*..(....*..0..F.......s....%r...po.....{.........(<...o....r...po.....|....( ...o....&o!...*...0...........s"......o#...(....*.0.............{......E............,.......8...D...+Q..{..........+M..{.......+A..{..........+2..{.......+&..{.......+...{..........+.r...ps$...z.*6..oh...(....*..(....*....0..a.......s....%.|..........o!...o....r...po.....{.........(<...o....r...po.....|....r#..p

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Esent.Interop.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):407768
                                                  Entropy (8bit):5.969604490047909
                                                  Encrypted:false
                                                  SSDEEP:6144:S8ASBEKZNe2+6QfeFlrd+jkg3yX285iS/377gckFMW1zU72JlHwt8p30Heqh:cqlR/xTim3IcI/Lqh
                                                  MD5:830058E9E557406BB4F8DA46B4274F96
                                                  SHA1:5987EDF4D00A6FAC6E57D6CB7EE157010EA1E515
                                                  SHA-256:D1AB0858F9795C0D89CEBD2881E0AD99A7C922AB1C89ED11F2CC738CCA4E615F
                                                  SHA-512:469348817B276F3296AD38B1A5D50F2D8B426025EFDE70C7CCF90A7161E4E0D31C9E0173E831D7B80E04DC98AF6CF810B6E7AC05EED543629C1F73D112349C85
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....RhW.........." ..0.................. ... ....... .......................`............@.................................\...O.... ...................2...@......$................................................ ............... ..H............text........ ...................... ..`.rsrc........ ......................@..@.reloc.......@......................@..B........................H...........<6..........................................................&.(......**..( .....*....(!.....*f..s".........sH...(.....*..0..'.......~.........(#...t............(...+...3.*..0..'.......~.........(%...t............(...+...3.*.~....*.......*R.(......o....(....&*Z.(........o....(....&*N.(.....o....(....&*...0...........(......o....(.....+..*R.(......o....(....&*N.(.....o....(....&*N.(.....o....(....&*N.(.....o....(....&*R.(......o....(....&*....0.. ........(........s&

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Extension\@wcextensionff.xpi

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                  Category:dropped
                                                  Size (bytes):59316
                                                  Entropy (8bit):7.880293608811765
                                                  Encrypted:false
                                                  SSDEEP:1536:+HPkHMRS54xpdWi9qHkDcTYPkvPkMPkY6qh:GPksRgkdWi9q6cTYPkvPkMPkY6E
                                                  MD5:8DA01C7329C1AF3202D93C8631E0DF35
                                                  SHA1:38F1E5DD6CBB577249C676127BC9565B70F78760
                                                  SHA-256:A30D0AA074214F7C6D8E82FE36E6EA4FC17C95F6C772C11D03667911C0475A03
                                                  SHA-512:2103ECB37B02C74D51C6C85CBE05A073FFD5860F8644AD54ADB212C690EDF8FE732EA784BA7CECB93DA2022A93B135DDC9E2BBC8DF26AE798CB6F28E2AAE4F7C
                                                  Malicious:false
                                                  Preview:PK........hq'H.|b.....K.......META-INF/mozilla.rsa.WgT.k.&..B3H/.Ho_.Mz..........A..A...H...R.H.D@P..).T...^.]..w..={....o..w...<s. .i.(..:.]j..8.@'...$. ........@...$..o.(.........$#.....0..'bc......:r.....b..!...hv...P"..x.g....:....n......c+.......!.;...sL@.;;.q.Hc{wog.=....;@.....D<~.D06.6vvx..(.W4Q..#Z...3E..#..P."xW.._._.*.xa.X....-....q......#(s.....74....;..|.....1 CP..p.6.8.........~..L....x.#..h&...+2..`.}=............."%....$G.)..0.d.=.O?....%.....1@m.7.5...a..KX.z..s.}..g.......4.K..N.*....*..%t.....'..-...._$....W.1X'.X.........OF.`]P.'._...S.t}G....kv.o...kEj.^.)gf.p*.Dn9u ....M.>...x..u...`.*P$xb}~)....k6..o:......j..k....Si.!.D.\.SF....<.d.'..,..Vf...<@M...M<.FEv...l......$U&|YwF.'s1..\W..Il5+./.#.......Bk..&||v~../.Jd..W1.j:c.:..s....-..V.*...?.?.q+.2...N......el.J.5.......='..C.@...W..>gX...k....6.w.4{.2<..W%.Zq-..f.?+d...3.}..#%L.{.P.|.qXk..d.*...hf..Z.{.y=w..l..-.f..M...G.5..N.=m..Mb.....?..1......H@..G.qa(.........g..0.

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\ICSharpCode.SharpZipLib.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):213720
                                                  Entropy (8bit):5.7590701476394095
                                                  Encrypted:false
                                                  SSDEEP:3072:3K1c/KCOAUXk31Vv91GOtJJKuE1iA5mGPB8qd9OTymIpn+64kRAclDwRNG95ZI4Y:ae9OAQsFtJrGPBnmIRZX6
                                                  MD5:D21039264AB947303E03FA56FF1011FD
                                                  SHA1:DF804447358CD6293BCD6FEAACD70E2FBC53F4B9
                                                  SHA-256:9BA3F901D532CA29C99BB113D0370597E8A7AB1E3EAF3FA059DF495A5769C9E6
                                                  SHA-512:413603086F990622E312F1DA44DCCFD6A05CBA0DE933AAD31FE861760C2B1261B140F9075BEF9C96F7955A75A5FEDEC5DFDB562FEFEA483D6478ACC34D75A206
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......S...........!......... ........... ........@.. .......................@............@.................................d...W........................2... ....................................................... ............... ..H............text........ ...................... ..`.rsrc...............................@..@.reloc....... ......................@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Interop.IWshRuntimeLibrary.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):62168
                                                  Entropy (8bit):5.456421345249905
                                                  Encrypted:false
                                                  SSDEEP:1536:9L9nVJEetVDUxSp1K2z9IDd3gzqgKxnB3lxf:9RVJEMVDqMK2z9IDdQzHKj
                                                  MD5:A671375100C522CF998A9A9BD09F9C42
                                                  SHA1:84FE648E7E8DA96877FE7AE2AD56C4E802354274
                                                  SHA-256:7A9307D6DCDE91368195126BEAEF51CCC0D81F2AEB149F30BCA099A0C7FF856E
                                                  SHA-512:BB57D29F32CD75E0F07E6F6D8BDB1620ED2B39048CD1A8E53E15C625BA7EF9F8C1ABB40EEF2EF53765D0171ADFFD9B94BB336CB8268C5F4B1D8C7FAE6821BA7D
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...3%DY...........!......... ......>.... ........@.. ....................................@....................................O........................2........................................................... ............... ..H............text...D.... ...................... ..`.rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Interop.LavasoftTcpServiceLib.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):58072
                                                  Entropy (8bit):5.518951314312486
                                                  Encrypted:false
                                                  SSDEEP:768:0dKVoSyxH33PyGaEVDTOsNpgw3wIcAlJCP5ymDgKxnVbDLmaoyAMxkEe:uD/y9E1TOsR3lJ6DgKxnBroQxy
                                                  MD5:8A5DA49FDD083CBED40465E495407FE3
                                                  SHA1:C6DA721FE6B48D7DBEB5556A1F7277B8B0593104
                                                  SHA-256:6DAAAEE64C0C3EF60459EC48D50184ECA341ABD4C6E8063F6A6111625FD5F14D
                                                  SHA-512:5BAA14594AA32D39EF8A70AB88263CA8EEDA5C954C5EEEE518B5CF68647AFCD6A4E4DBC02EA057AA2BB5DBDE1D6D4DD4D11C59E996389F33CD8DC9B0A1169430
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....FpU...........!......... ........... ........@.. ..............................A.....@.................................H...S........................2........................................................... ............... ..H............text....|... ...................... ..`.rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Interop.SHDocVw.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):168664
                                                  Entropy (8bit):5.541813032526921
                                                  Encrypted:false
                                                  SSDEEP:3072:jadMZC3fkpOTItC3MhmLwF62I5IfO9cjSBgn2FUraJYv+NMzCRw3mVE7KZo/ud8T:jadMZC3fkpOTItC3MhmLwF6n5IfO9cj/
                                                  MD5:1B1E377C14B6B80FC67AF70029878D97
                                                  SHA1:097610DA37F680B88D31AFAA707387DF21169F0B
                                                  SHA-256:DC4C9D0D86B498217DBEC2DAC5AEF675453121678B9BF0AB175697799DED8E97
                                                  SHA-512:19725BE02D5BCF330EAFFDAF0DBBDB7D47FB3EA22DE6830AC4CDCDFD86AF08EF6C9361F998B0B097CF8EEC578EFF59887F7943112D7F8B587A480A45BEF32ACF
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....`S...........!.....0... .......C... ...`....@.. ....................................@.................................dC..W....`..h............`...2........................................................... ............... ..H............text....#... ...0.................. ..`.rsrc...h....`.......@..............@..@.reloc...............P..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Interop.Shell32.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):62168
                                                  Entropy (8bit):5.3820510912657875
                                                  Encrypted:false
                                                  SSDEEP:768:0exl81nX6ZxlvUAa7KoBv7epginbCe7AXjuw9tL0Duxj7tr+BrIxFSsAgKxnVbDa:0exl81nK34PJepgqcVzAsAgKxnBr/Xxk
                                                  MD5:BE798A27BC3AC7D44407EAB37ED9DE4D
                                                  SHA1:884FB70977178C4ED2FA4B64C7F2EAAE48EDB9E6
                                                  SHA-256:B6BE1F8EC341C302972A11D618F9BA1A69321EEEE1557A91B2ACC6BD63ABEDB3
                                                  SHA-512:72E7D81C4A99E8C28D3F8425008C36D981E393304B2D6309CC0114006BC6C134F10B5FE2D51E4D129FDDCA7BEADF5D971381B827E6679A80932596729A5BA043
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...A.ST...........!......... ........... ........@.. ....................................@....................................O.......h................2........................................................... ............... ..H............text...$.... ...................... ..`.rsrc...h...........................@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Interop.WUApiLib.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):99032
                                                  Entropy (8bit):5.705246523074101
                                                  Encrypted:false
                                                  SSDEEP:1536:PfutksUQDy4qJgax0L4zP+YuqLSTL/SiEDx4l3Ow6OhNgKxnBrgxN:uQw3ax0L4D+YZLS3/SiEq+wjhqK4
                                                  MD5:0588CB68935DB123DE5E666016916319
                                                  SHA1:DCC13840D28CBE9BA2EDB7BE1BF5F98F1FCFE072
                                                  SHA-256:2DA6786744548E5E881DD5321DF5B53D4D5352E304A0959A7193D85EF8699F5A
                                                  SHA-512:DD9D5D50247C31BF4A4D0A6A294AF48DDB4165D759BCC1502693D2E44C4F0283F2F74337609CD9A2FC435155B2D4CF0730423CBF9D85BA0301E868E3CE9776E7
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...r..O...........!..... ... ......^7... ...@....@.. ..............................{.....@..................................7..K....@..p............P...2...`....................................................... ............... ..H............text...d.... ... .................. ..`.rsrc...p....@.......0..............@..@.reloc.......`.......@..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Ionic.Zip.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):475352
                                                  Entropy (8bit):6.839186472041566
                                                  Encrypted:false
                                                  SSDEEP:6144:DeSYvQAd10GtSV41OJDsTDDVUMle6ZjxLV/rHo0Oaaz2R9IYJF:CJBdBS4msNUCe65frHMnz2R9jF
                                                  MD5:5346BA51D28B0179A23617145FB427D0
                                                  SHA1:82381BA437474638F011149A9A680DE4EF1AEF04
                                                  SHA-256:999D262EA1F3687C7FAECD50738F60B46D027D38D318ED805B9CC08A249CF2C9
                                                  SHA-512:2A58558CA6088AA99445CFA42585DB2D40A54AACD71DDE1B19ECB69E8C0152976163F7E093CC065F9096B62A9776416132D6D3045E22CA1136D5C4F72DA0DA47
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 4%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....=N...........!................N#... ...@....@.. ...............................\....@.................................."..O....@..P................2...`......."............................................... ............... ..H............text...T.... ...................... ..`.rsrc...P....@......................@..@.reloc.......`......................@..B................0#......H.......0U..l...........P%.../..P ......................................6..`N.?O...%.C.k_..d...I......5a.......9x......R...gg8...JM...`.[. .o..eE1$_.M.h.q.oz..1..........@....s.c/J..wk.D.....t..&...(....*...0..2........r...p(....}.......}"....(........(.........(....*..r...p(....}.......}"....(........(....*..0..j.........o....-..s#...+..}......(......(......}.....(....s....}......}......}......(......%-.&r...p}......j(#...*rr!..p.{.....{.....B...(....*..0..A........{..

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\LZ4.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):52440
                                                  Entropy (8bit):6.314760277569025
                                                  Encrypted:false
                                                  SSDEEP:768:t4JxKxYIP7NGp4mbOLfjz+xEqDAXjIXaugKxnVbDLmWXAMxkETm:hxY67NYofjzr6QyaugKxnB3Xx/m
                                                  MD5:46756DE60BAD1ECBCF578B722961C99F
                                                  SHA1:D033043AD74674F2F55CC0AD84B145E8A26CE953
                                                  SHA-256:79ED7F8CDE3B3F68F9B96468253F2AC96DD013660758A8B10AA47D4EBCC41B07
                                                  SHA-512:2ECC584AA66EAD046CFEBA8014D910760E38EE18F2F546795F66CA1C6AC5D35BB0FFBCE1A3D9472482CD6D3661799E8BCCB6F7C7918A129F6340C6B12A9E6412
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......V...........!..................... ........... ....................................@....................................S........................2........................................................... ............... ..H............text...4.... ...................... ..`.rsrc...............................@..@.reloc..............................@..B........................H........f...H..........................................................6.. ....[X..X*...0..t........J./....i.YT.J-....T*.-.r...ps....z..2...JX..i1.r...ps....z..J./.....i..YT.-.r}..ps....z...2.....JX..i1.r...ps....z*..-..s....z*>.......X..c.*6......X..b`.*z......X..b`...X...b`...X...b`*....0..@.............X..b`...X...b`...X...b`.......X..b`...X...b`...X...b`...a*.0.............n...X.n.b`...X.n..b`...X.n..b`...X.n. b`...X.n.(b`...X.n.0b`...X.n.8b`....n...X.n.b`...X.n..b`...

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.AppCore.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):204504
                                                  Entropy (8bit):5.774649637058115
                                                  Encrypted:false
                                                  SSDEEP:3072:bdt47pwdW6rTF0TQZh03WdWJDqVb4nSG7inS9NJGhlpjKUYsqbiAtH81hBmKX5:Zze0r03vwEnF7inS9rA1Tp
                                                  MD5:357E1A39CDE97D24FA3D64FB860AD39D
                                                  SHA1:CEE5106C8DFCFB9AA047CF9D4817AC21CCB9252A
                                                  SHA-256:94480874ED4A8CF8D06DB16178259F129DBD300A994397010EA3EB18B1F75259
                                                  SHA-512:CF4A21103E2145BE6B5AE461B26539BDE0D8871F5057E4794011ACB330748730EF06802C9EDD061C4AECE215981FBD5B33BFB4247F71EAE6060D9A3A7803AB7F
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 4%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!..................... ... ....... .......................`......*.....@.....................................O.... ..H................2...@....................................................... ............... ..H............text........ ...................... ..`.rsrc...H.... ......................@..@.reloc.......@......................@..B........................H.......4...P............................................................0..........r...p.....r+..p.....r[..p.....r...p.....r...p.....r...p.....r...p.....r...p.....r3..p.....r_..p.....r...p.....r...p.....r...p.....r...p.....*....0..C.......r...p.....r7..p.....rS..p.....rs..p.....r...p.....r...p.....r...p.....r...p.....rA..p.....ra..p.....r...p.....r...p.....r...p.....r...p.....r...p.....r7..p.....rO..p.....rm..p. ...r...p.!...r...p."...r...p.#...r...p.$...r...p.%...r9..p.&...

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Automation.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):44248
                                                  Entropy (8bit):6.286203097197047
                                                  Encrypted:false
                                                  SSDEEP:768:TyQ2zMDR4SpdC/LNJIvv5KSvtvRU3TIMd5ZwvashgKxnVbDLmaBaAMxkEHU:TyQ2zMDRZRU3MMd5ZSnhgKxnBrKx4
                                                  MD5:7B2DEDFB2940A1E07DF44221F0B7C154
                                                  SHA1:5A56976F6E134E2D746FEEA9F7B7A3A3A516911D
                                                  SHA-256:F5D9B0981BF04FD32B26B6C5E9D6C6FF2834F84156E0CC12D328A85850AC3637
                                                  SHA-512:12C3C213EF530FA4BAC35922425BC4B4FA9484E993473CCD83D326C2D722F4C487D5C0B746764305AA82F507483A3F60372D5B5B8A6F800CD374FB0C8A680AE2
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....r^...........!.....r............... ........... ....................................@.................................\...O.......H............z...2..........$................................................ ............... ..H............text....p... ...r.................. ..`.rsrc...H............t..............@..@.reloc...............x..............@..B........................H.......4H...F...........................................................0............{.....+..*r.~....}.....(........}.....*....0............{.....+..*&...}....*r.~....}.....(........}.....*..0............{......o.....+..*..0............(...+........-%..o.....(...+.o.....(...+.s.....8.....(...+........:.....s.......o......+7..(.........(......(......(....u&...-..+...s....o........( .....-...........o!.........-..o"...s#....+..o"...s$....+...+..*........Y.F........0..........

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.CSharp.Utilities.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):59096
                                                  Entropy (8bit):6.275529461974405
                                                  Encrypted:false
                                                  SSDEEP:1536:HAyZatnUAEwhoms0lpfq+EJgKxnBr9HxE:ytnU/Qo0pS9WKU
                                                  MD5:9C09F1310368DC71AA30B3B93377930D
                                                  SHA1:55CC656074F5C9B8B3CEA5807E97CEAD8E9FB134
                                                  SHA-256:C65737504DEC4639FE20292CE2F38112712A3156274291C5BFF91AF23ECC0FAC
                                                  SHA-512:1A528ACB83C0A1322D4FBD614038461E8F01E32E5AD039D6078BB1432916082E37A8E8E369ADE29657548107AB18B376BFD109DCCCFA2303B57C765D870D04CB
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....r^...........!..................... ........... ....................... ...........@.................................D...W........................2........................................................... ............... ..H............text........ ...................... ..`.rsrc...............................@..@.reloc..............................@..B........................H.......hc...e...........................................................0..2.........{....%.(........}.....{......o.........(.......*...........(.......0..*.........{....%.(.......{.....o........(........*...................0............{....%.(.......{....o....(...+....(........*...........#.......0..=.........{....%.(.......{.....o...........-....}..........(........*...........#2.......0..+.........{....%.(.......{......o .......(........*.......... .......0............{.

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Compression.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):22232
                                                  Entropy (8bit):6.755934277909707
                                                  Encrypted:false
                                                  SSDEEP:384:EpE0gG53WPmd0EFP27xWkVbDWRpUmWWJmxKaAM+o/8E9VF0NyAS:m8u0gKxnVbDLmWuaAMxkEz
                                                  MD5:83BEE632454B24D70EFCC90820F697C9
                                                  SHA1:7D0BE587D7D54E95F7B0171DEB6A1ADC49AFED6F
                                                  SHA-256:5DE57DE660065003286BFA85D8620BEFBC14054CCDCDB042F24E67DA1E770AC7
                                                  SHA-512:965CF849F4969DEF42EA3292B9B6B2B6343419BDD6AF5832F0730E4ADF7153B24BA8CD56B6F25F15C743F294858A27E0007A133EEEF62BB585E655901EE9BE17
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 4%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....r^...........!.................:... ...@....... ..............................dw....@..................................9..K....@..h............$...2...`.......8............................................... ............... ..H............text...$.... ...................... ..`.rsrc...h....@......................@..@.reloc.......`......."..............@..B.................:......H........%...............................................................0...........{.....+..*"..}....*.0...........{.....+..*"..}....*.0............(........+..*j.(........(.......(......*j.(........(.......(......*~.(.............(.......(......*.s..........~.....s....o.....~.....s....o......*....0...........~.....o.....+..*..(....*....0...........{.....+..*"..}....*.0...........{.....+..*"..}....*.0............(........+..*j.(........(.......(......*j.(........(.......(..

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Events.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):133848
                                                  Entropy (8bit):6.03296808579481
                                                  Encrypted:false
                                                  SSDEEP:3072:XSCLdd7ysQJRPqvOHs6gf32SwJkRSekXbnTEJjLiQybZ3fi/Kt:XrLdd7j1mMbPwiRSekXbLRt
                                                  MD5:94EBF4CEA94E30F1CAD777FA5DF25DAD
                                                  SHA1:BF96A7624540311324667BA3A550CBEE2F7DE35A
                                                  SHA-256:A39B13F38FE126CE586556652A4F8B05D7879E059E65E62C2B9A12E69DA57E8A
                                                  SHA-512:8D2D0B6BC29F7DE587C35459B6D8FFBA51E0A82752C12267A184C03618ED489C507F921F8930BC38BC6F75871148C240DD9F5BA501E255C662184E2C9310F2C3
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....fa...........!..0.................. ........... .......................@.......F....@.................................t...O........................2... ......<................................................ ............... ..H............text........ ...................... ..`.rsrc...............................@..@.reloc....... ......................@..B........................H...........<c...........................................................0..=........(....-..#(....r...p(....+...(....r...p(......rA..p(.....+..*....0...........(....rg..p(.....+..*....0..'.........(.......rq..p.(....(.......(.....+..*..0.............(.......(......(...........(...........+..*...................0..5.........(....(......,.(....(....(...........o....(........*..........."#.......0..<.........(....(....-.(....(....+....,.(....(..........ru..p.s....z*........,-..

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Extension.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):117464
                                                  Entropy (8bit):5.8509293496889825
                                                  Encrypted:false
                                                  SSDEEP:1536:RCMxMNMIG2NiC8/Srwwb2A49qIut99b6QSVCOZaagKxnB3wxVE:Rnu6uNiOrwS2AsYt99bkYX3Kh
                                                  MD5:780626CB4A95A28D7A17C9288D617E71
                                                  SHA1:70F80D9131BC6D78B4F8B28CEFF834EBCF403CFE
                                                  SHA-256:25EA8110BD2ED6C660F5CC2BB2C8DBCB521222F84334C91E897E54DF3C060F3B
                                                  SHA-512:8B5CE07298B1F63B3019308FED5E4D87F8AFA99EBD1667527A783A2F5AA50B10FE2F6F1852CEF7D413C1AF5ACE04A77FC52F8A15D5DC3E7EAA9576690F2EDEBB
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....r^...........!.................... ........... ....................................@.................................x...S.......X................2..........@................................................ ............... ..H............text....... ...................... ..`.rsrc...X...........................@..@.reloc..............................@..B........................H....... ... ...........................................................&..(.....*...0..Z.........(....o.....+-.o.......,..o....+.....-..+..o.........-..+...o......-.........-..o.......*..........;H........(....*..(C...oI...&.(......(......(......(.....*...0...........(C...o)...(...........-...*.0..,........(C...o)...(.........-..+.(.....sU...(V....*N.(C...oH...&(.....*.0..Z.........(....o.....+-.o.......,..o....+.....-..+..o.........-..+...o......-.........-..o.......*......

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.IEController.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):139480
                                                  Entropy (8bit):5.470974175748931
                                                  Encrypted:false
                                                  SSDEEP:1536:eF7p5cLpHWeHwgRDbYybNNAQdOUho0YpWv9nGJh4cgKxnBr0xLe:eK1HfBR3YybNkUho0YpWv9nGCKoe
                                                  MD5:3C5BF1898B6685A9A835C5BABD3A7BFF
                                                  SHA1:A5D0E4E3ED1F84CAF7CEB8E430D7393B6AF84012
                                                  SHA-256:2D08E6022BDC6C3C62DA025BDCD387E8138226CCC473521386214898FE6AAB9B
                                                  SHA-512:C6A8BA074866C258A331D84D118A3F4BF56FBA51CA18DD920AE42FBDEE94266A2542038072AD993FA18D9A6D30D3B74D785CA5674B9378E06E46E69F239C3CDD
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........j.eS..6S..6S..6.ZP6Q..6^Yl6W..6^Yn6P..6^YQ6X..6^YP6Z..6Zs26U..6Zs"6X..6S..68..6.P6P..6.m6R..6^Yj6R..6.o6R..6RichS..6........PE..L....}`e...........!.....2..........~........................................P......k.....@.............................V...(........0..<................2...@.......X..8...............................@...............(............................textbss.................................text....0.......2.................. ..`.rdata..6....P.......6..............@..@.data..../..........................@....idata..~...........................@..@.rsrc...<....0......................@..@.reloc..^....@......................@..B........................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Omni.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):26840
                                                  Entropy (8bit):6.566697638301364
                                                  Encrypted:false
                                                  SSDEEP:384:Cs50VUWNm/2EHaqcCuEulswVoEFP27xWkVbDWRpUmWWv0AM+o/8E9VF0Ny+gWU:D2dBJqwVogKxnVbDLmWPAMxkE4U
                                                  MD5:CE905FCE54DCD1E1BF4B7CB58B71A94C
                                                  SHA1:94AB818D4AAA68B5E5E5511F90B6BE487E1D3546
                                                  SHA-256:818905673392BFA50A4346D43CA734850814A3C6B46F09F9DEE20FBEFB10BDF7
                                                  SHA-512:3BCE799866AAF2EC1DAB9AE5B357F83F600F52867287566F1196D5F73D64D991629FFCD0D8D12E1EFF7F235AB44D302BFF2A6731BC5BEF214A3BA0342A39F3D7
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....r^...........!.................L... ...`....... ....................................@..................................K..K....`..0............6...2...........J............................................... ............... ..H............text...$,... ...................... ..`.rsrc...0....`.......0..............@..@.reloc...............4..............@..B.................L......H........+...............................................................0..<........(........(.....s....}.........(......o....r...po..........*.................0..G.........{....,7.{....o....r!..po....,..{....o....r!..po....(....+...+....+..*..0..N.........{....,..{....o....r!..po.......+.....-$..{....o....r!..p..(....o....o......*...0..G.........{....,7.{....o....rA..po....,..{....o....rA..po....(....+...+....+..*..0..N.........{....,..{....o....rA..po.......+.....-$..{....

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Search.exe

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):208600
                                                  Entropy (8bit):6.216410078337049
                                                  Encrypted:false
                                                  SSDEEP:3072:8Qc7jMFlaJi024ao1DN7aEdArxCISAK9Zme4tpbWOgrsvU3gIabrddeQeMyUzgKj:8B7j0aMaI4Zz4byOgV2br6U1j
                                                  MD5:1A6E64A89F37623232F7A79A91042012
                                                  SHA1:7A7046677DC762233752897BF872A4D4539650BC
                                                  SHA-256:E99D41C2BEAE503C1CD19CA56CE6CF9CD7B1701E3743CDBBBAFA5005A9440D23
                                                  SHA-512:A1626AEF6366F90D5C23567E8DA178F79870A826CAC29A2617CB72782C05D73147C02D70863F05331A8EF391B2D1AF62740A819C57E2A8538866ECAD3C0874AC
                                                  Malicious:true
                                                  Yara Hits:
                                                  • Rule: JoeSecurity_GenericDownloader_1, Description: Yara detected Generic Downloader, Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Search.exe, Author: Joe Security
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 5%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...y7`e................................. ... ....@.. .......................`............@.....................................J.... ..b................2...@....................................................... ............... ..H............text........ ...................... ..`.rsrc...b.... ......................@..@.reloc.......@......................@..B........................H.......................t...P!...........................................0..D...........Q...8!...8"...8'....~....~.... ..f.8....8....8....8..........8....8....-.~....~.... ..f.()...o .....o!.....(...+..,:(......~.... b.f.()...o#..........-..~.... q.f.()...o$......k()...8m...o ...8h....8g....8f.....8j.....8h......~......o%.....o&....(........o'...~.... H.f.()...o..........o(.....+...*.8....s)...8.....8...............=.....0..............Q...8....8....8.....~*...~.... ..f.8....

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Search.exe.config

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):1971
                                                  Entropy (8bit):5.13661332037052
                                                  Encrypted:false
                                                  SSDEEP:48:c5paXDJmkxHCm1L5xm1dOvF2qfZibFLzfsxkA:JXDE4iAYo09bFYB
                                                  MD5:A7C1E1B23999EB3068D6357CBA828211
                                                  SHA1:17EDB3471E1D0CEABF360ABA444CBF4146A82C1E
                                                  SHA-256:11240B9B314D463DBF65A5BFD1CE9A4AF40888FCA25E7841E8B63D31B82D820E
                                                  SHA-512:044791148DF6563254EEDB1BF177FAAD4F79B5E596B4DDD04E1DDE5C3FF831BEB011B15B77016B37CB3D91CFC98A7CE71D74F0E709B2C28EFCE1AE83A318DC1D
                                                  Malicious:false
                                                  Preview:<?xml version="1.0" encoding="utf-8"?>..<configuration>.. <configSections>.. <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler, log4net" />.. </configSections>.. <startup>.. Run on all versions of NET 3.5 and 4 See http://msdn.microsoft.com/en-us/library/jj152935(v=vs.110).aspx -->.. <supportedRuntime version="v2.0.50727" />.. <supportedRuntime version="v4.0" />.. </startup>.. Log4Net configuration settings-->.. <log4net>.. <appender name="SearchLogger" type="log4net.Appender.RollingFileAppender">.. <param name="File" value="${LOCALAPPDATA}\Lavasoft\Web Companion\Logs\Webcompanion\webcompanion.log"/>.. -->.. WinXP path to webcompanion.log-->.. .. <param name="File" value="${userprofile}\Local Settings\Application Data\Lavasoft\Web Companion\Logs\Webcompanion\webcompanion.log"/>-->.. <param name="File" value="${LOCALAPPDATA}\Lavasoft\Search\Logs\search.log" />.. WinXP path to w

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):544472
                                                  Entropy (8bit):6.141661937290546
                                                  Encrypted:false
                                                  SSDEEP:6144:tpeOhwJdxGtrxxDOPEy2QxNbFtLdPNxlZjLQWjF:taxE1Ucy2QxhJPTlZfpjF
                                                  MD5:0E01900E60BCE3B1013F93CD973D2E0E
                                                  SHA1:8C07D811EE814D8C743652EEF7CBBC4043444156
                                                  SHA-256:8D432AF281EAD056BE4FEA7FEC8903AA8C97C9335B67472B2E1F815C4AD0D0A1
                                                  SHA-512:652881AD47E84D99453D6BAF65C0C873BD929D06220E0FF093B52901B1E510FA5D3C13F3CB031C0C7B882F4DC16317474CD7E5A5EB8F683B8A6C5F567EDBA3F4
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 5%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......c...........!..0..............1... ...@....... ....................................@..................................1..O....@...................2...`......l0............................................... ............... ..H............text........ ...................... ..`.rsrc........@......................@..@.reloc.......`......................@..B.................1......H........+..............d....$...........................................0..l..........s$.....o%...o&.........%..w.o'.........%....o'.......-&..o&.........%..w.o'.........%....o'..........+..*........89.-.....0...............((...()........s*...%r...p(.....o+....%r-..p(.....o+....%rW..p(.....o+....%r...p(.....o+....%r...p(......o+....%r...p(.....o+....%r...p(.....o+....%rE..p(......o+....%ro..p(......o+....%r...p(......o+....%r...p(......o+.........s,........s-...%r-..po....&

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Repositories.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):41688
                                                  Entropy (8bit):6.279144500339965
                                                  Encrypted:false
                                                  SSDEEP:768:EhJWxWrnFT06StUREICDS/lH/cRF6IgKxnVbDLmWwAMxkEXPf:EhJjzR0ZpICDS/lH/cj6IgKxnB3exTf
                                                  MD5:B45C9A055A257C79AEA879F232AAC413
                                                  SHA1:925079FA935781C917D9CE309AD4194D1F07901D
                                                  SHA-256:9EAA23D2F4B7297E46170A6973B19329C5A4B9BAB16262F5B8F19C59EDCD7B18
                                                  SHA-512:49EF957B5C96391ABC5FF550EFCEC58D751B6085C44575DEC2842A36017B65F7887FA2F65A527E34FE86F3E8E8D475D9451920A637530726F4E74676C744EE1F
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....r^...........!.....h..........N.... ........... ....................................@....................................W....................p...2........................................................... ............... ..H............text...Tf... ...h.................. ..`.rsrc................j..............@..@.reloc...............n..............@..B................0.......H.......D8..xL...........................................................0...........{.....+..*"..}....*.0...........{.....+..*"..}....*.0...........{.....+..*"..}....*.0...........{.....+..*"..}....*.0...........{.....+..*"..}....*.0...........{.....+..*"..}....*.0...........{.....+..*"..}....*.0...........{.....+..*"..}....*.0...........{.....+..*"..}....*.0...........{.....+..*"..}....*.0...........{.....+..*"..}....*.0...........{.....+..*"..}....*.0...........{.....+..*"

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Settings.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):22232
                                                  Entropy (8bit):6.788320274330726
                                                  Encrypted:false
                                                  SSDEEP:384:KRfHo/5GU8vEFP27xWkVbDWRpUmWWApxAM+o/8E9VF0Nyw+thXi:KSBZ8vgKxnVbDLmWTxAMxkEPhS
                                                  MD5:ECC17969BA3BA2588F958FBB74D31832
                                                  SHA1:507C4EC05A47DAEE872CEF1B9CB899DB9CD5E267
                                                  SHA-256:24EA5BC7AA5C9159D3EEA2D9D2C0B67761F2C60689425A7E51C3813A404218B8
                                                  SHA-512:01F6A5735967DD2F29635CF54CE550A3C00A46159BEF56D02599C6FB81B87AD061F528AED224D8C284C952F773D1C0097645B85BD9D68EEF21EFE01B5C828356
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....r^...........!.................:... ...@....... ....................................@..................................:..O....@..H............$...2...`......t9............................................... ............... ..H............text........ ...................... ..`.rsrc...H....@......................@..@.reloc.......`......."..............@..B.................:......H.......`$...............................................................0...........{.....+..*"..}....*.0...........{.....+..*"..}....*.0...........{.....+..*"..}....*..(....*>.r...p(.......*...(.......*B.r...p.(.......*2...(.......*2...(.......*..0..R........(........(.......(.......(.......(.......(.......(......ri..p(......r...p(......*...0..O........(........(.......(.......(........(........(........(........(........(......*..0...........{.....+..*"..}....*.0..........

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SysInfo.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):85720
                                                  Entropy (8bit):6.104915138626695
                                                  Encrypted:false
                                                  SSDEEP:1536:d0Od8MEo3d9KHJ8CIbBsx1tST5WaS6i2lRsnTC4B7gKxnB3kxsY:d0O7d9CuCINKtg/SpNTLUKi
                                                  MD5:85E0306FE5A6D39C7F453EC1F9AEED9C
                                                  SHA1:31581CAA1160B686A161C296C461182F14E303A4
                                                  SHA-256:35230E1F488252A91FBD0C8D797775CB6F5FB5CA78F9C396AC955F83B14A22AF
                                                  SHA-512:78B3972FDB5C56069B3E5BF9BAD09474911CC47764B055EE1EE7D58E05BBD06B2C912E92FDED41B8CB58DA4391D19EE022B0B4844F8903C43A8C5269634C5845
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 4%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....r^...........!.................2... ...@....... ....................................@..................................2..S....@..H................2...`......p1............................................... ............... ..H............text........ ...................... ..`.rsrc...H....@......................@..@.reloc.......`......................@..B.................2......H...........|............................................................0...........~.......o.....+..*..0..&................s.......s.......s!..........*"..}....*..0...........{.....+..*"..}....*.0...........{.....+..*"..}....*.0...........{.....+..*..(....*"..}....*.0...........{.....+..*"..}....*.0...........{.....+..*..(....*"..}....*.0...........{.....+..*..0............(...+.+..*..(....*"..}....*....0...........{.....+..*"..}....*.0...........{.....+..*..(....*"..}....*

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):22744
                                                  Entropy (8bit):6.710292162480259
                                                  Encrypted:false
                                                  SSDEEP:384:MdF99O4KtMO1MAKEFP27xWkVbDWRpUmWWfaAM+o/8E9VF0Nygq:M99ZgdKgKxnVbDLmWdAMxkED
                                                  MD5:B8F7AA3D442D8A6A9267107C9BF56AB8
                                                  SHA1:85CC69E2EBFC875158222F6DD9E74EFBD5FF8F93
                                                  SHA-256:AD2B7A8D731AEF0E1ECFF183CBB011B06DAFE8AB4E6E1375F2FA740B98A87FCE
                                                  SHA-512:6F092D5A30D581152244B5502D7251BB4C2CF62EE278FD16125DB8B35D3D3954832220258A2CD14B91210F8ACB4BC26FC59D2FF40F466C62D51E7F5F48CB6048
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 4%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....r^...........!................N<... ...@....... ...............................7....@..................................;..S....@..P............&...2...`.......:............................................... ............... ..H............text...T.... ...................... ..`.rsrc...P....@....... ..............@..@.reloc.......`.......$..............@..B................0<......H.......p(..P.............................................................~....}.....(.......r...p}.....*..~....}.....(.......r...p.(....}.....*..~....}.....(.........(....}.....*..0...........~....}.....(......re..p...o.....+)..(.......rg..p..(......(....(....(........(......-...........o........o......o.....Yo.......}.....*.......!.8Y.......0...........s.......{....s........s ......o!.....o".......o#...............-..o..................-..o..................-..o........."..

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):108248
                                                  Entropy (8bit):6.046656929478169
                                                  Encrypted:false
                                                  SSDEEP:1536:qfYo/4Aayv+LzzHvfB8xO+pbkbBC70LYsxR42TdgTRWHV8OZkgKxnBr5xn:qQk4AayUfHvUO04bAMYsxfdg415ZNK7
                                                  MD5:77E4FC3552EFD1D3BB39B5DF14180E48
                                                  SHA1:072CA987F73F5D10E8575B40DA433242B1DD46DF
                                                  SHA-256:6F7D247D2EECDBD2ACFD29AE85802C84FBF6CACC3DA6B5B84D4B8FF3BDE74606
                                                  SHA-512:C8EE1D3187BEE0DDE3589AA5987069FD42DE9B0AC7BA95471447F3F3313E6C03F61056E5FC092EA30C676CA2296A9AD909F0EB8C61D0AB5994E30D131178C46D
                                                  Malicious:true
                                                  Yara Hits:
                                                  • Rule: JoeSecurity_GenericDownloader_1, Description: Yara detected Generic Downloader, Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll, Author: Joe Security
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 4%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...x.wa...........!..0..l..........2.... ........... ....................................@.....................................O....................t...2........................................................... ............... ..H............text...8j... ...l.................. ..`.rsrc................n..............@..@.reloc...............r..............@..B........................H.........................................................................{....*..{....*V.( .....}......}....*...0..<........u......,0(!....{.....{....o"...,.(#....{.....{....o$...+..*. ..'. )UU.Z(!....{....o%...X )UU.Z(#....{....o&...X*....0...........r...p......%..{.....................-.q.............-.&.+.......o'....%..{.....................-.q.............-.&.+.......o'....((...*..{)...*..{*...*V.( .....}).....}*...*...0..<........u......,0(!....{)....{)...o"...,.(#....

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.Service.Logger.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):19160
                                                  Entropy (8bit):6.893535069138558
                                                  Encrypted:false
                                                  SSDEEP:384:T956KoMpkEHEFP27xWkVbDWRpUmWWq7/AM+o/8E9VF0NyZh:T95oX6gKxnVbDLmWj/AMxkEh
                                                  MD5:DBF84E036422C0DC38C2554EEAC2C563
                                                  SHA1:1DC421966B3B84521F487C471E4CF40E796FC74F
                                                  SHA-256:C66FB962D49715DE895840E4CD4A57064E9E868EF37A67936C2C09195093A574
                                                  SHA-512:C41AB9E907D787B84EB2FD4B25043A1AA01690F683D506E895FB24A1451C2B8CD358BC9DDF96091327616228558B6F3DE3DB6649DBC7A2F7683ADFBF10170F13
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....r^...........!.................-... ...@....... ...............................t....@..................................-..O....@...................2...`......t,............................................... ............... ..H............text........ ...................... ..`.rsrc........@......................@..@.reloc.......`......................@..B.................-......H........!..|............................................................0............#(....r...p(.....(....t.....s......r...po......o.....s.......o.......o.......o.......o......r...po.......o.......o......o......o.....o ....s!.......o......o......o .....o....~"...o#......o$....*.0............#(....r...p(.....(....t.....s......r...po......o.....s.......o.......o.......o.......o......r...po.......o.......o......o......o.....o ....s!.......o......o......o .....o....~"...o#.....

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WcfService.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):51928
                                                  Entropy (8bit):6.015567831076375
                                                  Encrypted:false
                                                  SSDEEP:768:fzrzeuQ66+qbjHrXAh4RcveQLTilyKEkHgKxnVbDLma7AMxkEL:fQ66+ajj+XeQLTilyKfHgKxnBr7xn
                                                  MD5:FBB243F179EBBE8193891C5E0DE86FF9
                                                  SHA1:00F50696DC69454A13652F15E5B1095D0F23E36E
                                                  SHA-256:B7F9D190E1F58C8B09D98C056F292D4C14A5EF88AB8D69268DCB08B53B374743
                                                  SHA-512:63CE35D951DE1DE94B81500C79D171475504095DAD754CCB948B6AEB494AFA11C679391B87773A9C841BAB098DBA9E19CA5993B13734FB9637D36625002E1BD7
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....q^.........." ..0.............~.... ........... ....................................@.................................,...O........................2........................................................... ............... ..H............text........ ...................... ..`.rsrc...............................@..@.reloc..............................@..B................`.......H.......$P...]...........................................................0..@.......r...p.......(..........(....(..............~....ri..p.o........*.........).......0..b..........~.....{.....sT.......o]......@..~....r...p.o....(....o....... ..~....r...p.o....(....o........*.......... !. ........ A. .....0............sx...%.o'...od....%.o)...of....%.o+...oh....%.o-...oj....%.o/...ol....%.o1...on....%.o3...op....%.o5...or...........~....r...p.(....o..........+..*...........st..

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):27864
                                                  Entropy (8bit):6.482265738945267
                                                  Encrypted:false
                                                  SSDEEP:768:2ruIAfU0dOKwbfvXoCugKxnVbDLmW5xAMxkEh5:6xZb3TugKxnB35Zxv
                                                  MD5:3442D7F43B57552DB02DD69C13F6E682
                                                  SHA1:337797E4E458A6BE2B13DD3A8AC4F4B587A28B6B
                                                  SHA-256:3716FFC0F59070BE83C73BC403EFAC9F64BB359144A4278EE027F288DA4962BE
                                                  SHA-512:A5DE3F440B47C256A10A3BF6997955B3510AFF6025C234D216ED7312D1E2AF82B8B613578C8DEC45517D7A4ABB7A8DF33368F10DBAF5C7320A6C9212BE5BD98D
                                                  Malicious:true
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 4%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......^.........."...0.............BL... ...`....@.. ...............................m....@..................................K..O....`..$............:...2...........J............................................... ............... ..H............text...H,... ...................... ..`.rsrc...$....`.......0..............@..@.reloc...............8..............@..B................$L......H........)..4 ...........J...............................................0..k.........}.....(.......~....r...po......(.....~....r?..po....... ..~....rw..p.o....(....o........~....r...po.....*.........+:. ....r.(..........(....(.........*....0..v........~....r...po......~....%-.&~..........s....%.....s....(......{.........,5.~....rE..po......{....o.....~....rm..po.......}.......2...(..........s....}....~....r...po.....r...ps.....~....r...p.o....r)..p( ...o.....s!....~....r=..p

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe.config

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):2379
                                                  Entropy (8bit):4.811294024220937
                                                  Encrypted:false
                                                  SSDEEP:48:cjkJnVUn1YNfN+QscuysXDXgFT05hh1A5Xw:7JVUn1YNfN+QscuFXDwFTa1ug
                                                  MD5:AED25C4BB45D63F367AC309DA2D91716
                                                  SHA1:295F9441CE64D87BC5489F2D5609E7704E302827
                                                  SHA-256:534FF170605C383FA723B662E49DAF7683C560727FD71211B28799C5A6AF11AF
                                                  SHA-512:AD144C6152BD8FABCC89FF502595281298C3857A8F2193F6B391ED7E137FA4B2A9E0FFCCD17C9C4FD5A691407D32339B4348B5FAF260DCDB5D2D0E6A63B5FDDD
                                                  Malicious:false
                                                  Preview:<?xml version="1.0" encoding="utf-8"?>..<configuration>.. <system.serviceModel>.. <services>.. <service behaviorConfiguration="SearchProtectServiceBehavior".. name="Lavasoft.SearchProtect.WcfService.SerchProtectSearvice1">.. <endpoint address="" binding="wsHttpBinding" contract="Lavasoft.SearchProtect.WcfService.IWCAssistantService" />.. <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />.. <host>.. <baseAddresses>.. <add baseAddress="http://localhost:8733/SPServiceLibrary" />.. </baseAddresses>.. </host>.. </service>.. </services>.. <behaviors>.. <serviceBehaviors>.. <behavior name="SearchProtectServiceBehavior">.. <serviceMetadata httpGetEnabled="true" httpsGetEnabled="True"/>.. <serviceDebug includeExceptionDetailInFaults="False"/>.. </behavior>.. </serviceBehaviors>.. </behaviors>.. <diagnostics wmiProviderEnabled="true">..

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):64216
                                                  Entropy (8bit):6.165713563424136
                                                  Encrypted:false
                                                  SSDEEP:1536:HfYD/0cxUJ1Xu1BDQAMVuPNGTQbgKxnBrRxam:HfYD/05J1XTuPaQ0Kb
                                                  MD5:FC023BB2DC51EE410A64E8F8ED6E38EE
                                                  SHA1:A33BB8361B86083D79EEE5C861DF24CBB7CC3697
                                                  SHA-256:24BC639908655F304AF49512058EA9D77043E9326E3FB88EC5CBA98496FA03FE
                                                  SHA-512:12B5C3D08472BEF5B69BF1724AB1792BA8FB705490F1CCB94F802EFDFC2CDEAE14CC215A1B76CBB572690F66A45C122396BB2C800E3E553AD0179559EA45AA51
                                                  Malicious:true
                                                  Yara Hits:
                                                  • Rule: JoeSecurity_GenericDownloader_1, Description: Yara detected Generic Downloader, Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll, Author: Joe Security
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!..................... ........... ....................... .......-....@.................................H...S.......X................2........................................................... ............... ..H............text........ ...................... ..`.rsrc...X...........................@..@.reloc..............................@..B........................H....... ^...............................................................0...........r...p(.....rK..p.r...p..(......(......r...po......r'..po.......o.....(.....o........ijo......o............io.......o.............s.....o....&r1..p(.....*...0............rU..p(......o ...u:....o!...u<.....o".....s#.... .....>....... ....o$.....r...p(.....+$.....s%.......(&....... ....o$...............-..o......o'.....o(............o)...(.........*...............@.....(*...*.0..0........{......

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Microsoft.mshtml.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):8020696
                                                  Entropy (8bit):5.079618604604248
                                                  Encrypted:false
                                                  SSDEEP:98304:xpkg8hn8KiyAB84gPjKVuH62NhND7BMe8Ali:xpkg8hn8hStD7BMe8Ali
                                                  MD5:0874CC36EA5EF61AA77C1646B2395364
                                                  SHA1:444D277B3001E7734B2025B78DAD2FD5FC118367
                                                  SHA-256:3B8DAAEA57D531427E97D0D49676C55DD3740D37909F9333C1CAEDB53CF7AEC3
                                                  SHA-512:73FBDE59FA64FF5EA390743A7DE41E2D6560A4D924BCF8DCEB2FB43C721F6BEEBB85BB8BA26A2AF38C968653135537ECBFEA2CB7007B4C52FD762DD2F8771EB7
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....OR...........!......z.. ........z.. ... z....@. .......................`z.......z...@...................................z.S.... z.x............0z..2...@z...................................................... ............... ..H............text...4.y.. ....z................. ..`.rsrc...x.... z.......z.............@..@.reloc.......@z...... z.............@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\MozCompressor.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):67288
                                                  Entropy (8bit):6.502338153383933
                                                  Encrypted:false
                                                  SSDEEP:768:5rBX7I72YM1scqDAntonP1ZlojsSQobxMkgKxnVbDLmW9AMxkE4i:5rd7IkYd3onrgKxnB3VxMi
                                                  MD5:EE10C9257BBBF8EE7D5F33AA1C1993EA
                                                  SHA1:D4B4B791D54A91B11FB56FC8F861FDB083D4DD97
                                                  SHA-256:FF35427ED0FAF0B8DEEEEFAEEABF1969676CF2E511C43CE950A943070CF665DE
                                                  SHA-512:7A9283A8EF556DEFEE301D09C1B7788356612D39DDBBBF612679E2D33755DA876C29494E2DF7378615BBD470E3FFD10B9E2E191693C8650AD6EBF8786D5FDB52
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........,z..B)..B)..B)z.C(..B)...)..B)z.G(..B)z.F(..B)..B)..B).C(..B)..C)..B)O.G(..B)O.B(..B)O..)..B)O.@(..B)Rich..B)................PE..L...F.KZ...........!.....4..........{B.......P............................... ......0.....@.........................0...d.......x........................2...........Q..T............................R..@............P...............Q..H............text....2.......4.................. ..`.rdata..$....P.......8..............@..@.data...$...........................@....rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\NCalc.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):207576
                                                  Entropy (8bit):5.670327506897038
                                                  Encrypted:false
                                                  SSDEEP:3072:22iAvFOaMDARsHHAgJo2MXfFPM5aLo9CRNxbOnDPAtK2:22fgkRaHAgi2Cfu5aLo9CRNVO2
                                                  MD5:D9318ACE386C0701A1FE50D8274D432E
                                                  SHA1:40BDBE1B88160CF7322A47EAD7E94303FCBF70F2
                                                  SHA-256:9CF4C64C4D9DA5B85BCFE84678F4B2C5EBA179C751DD795051B0188136447C59
                                                  SHA-512:6AD5C9D42AE16F7E1F39CF3A2C560A6B3B3BDBD93FA6CB3B544837D74C750B8EF21EBEF8D656749527E9F2254EB6D483E436E0E491A9A7B99ECA8255B42DCE93
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....bxN........... ................j.... ... ....@.. .......................`......)...........................................L.... ...................2...@......................................................x................ ..H............text........ ...................... ..`.rsrc........ ......................@..@.reloc.......@......................@..B................H.......8....f............................................................(....*.0../........(.......s....(......s......r...po......}.....*......0...........{.....8.....*......"..}....*...2.r...ps....z....0..K..........o=...(......(....r]..po....&..o?...(......(....rc..po....&..oA...(.....*......0-............o....(......o......E....................s.......]...G...............1.......9...#...O...e...{...8.....(....ri..po....&8v....(....rs..po....&8`....(....r{..po....&8J....(....r...

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Newtonsoft.Json.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):438488
                                                  Entropy (8bit):6.099132549128608
                                                  Encrypted:false
                                                  SSDEEP:6144:dHerwzLkqCG3uKWf4g6tUwoOkErUx5/Rsnaszr0tZDPEaN+YB5+GonzM:dHerIacuKUtOkESbKQrvB5+VM
                                                  MD5:A7EF69C6E31C33EDA111374F47D248EE
                                                  SHA1:E20E2B9663D6B92771A915CC09DECAFE661FEDEB
                                                  SHA-256:9A1EDD05B0BC9ACBBFB4A288ACB0D1A64F2D21AC4255CF4818CC079F03F0FAA1
                                                  SHA-512:B5D6025025FB34AE0576C0D6EADDD3557829064FDD8927FDD36C360FB17F1AA1356FB107E7A10D67F2D8FF1BB82932857185EE1CFE156D0C5BC5A0D97A883454
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....L.R...........!.....t............... ........... ....................................@.....................................K.......8............~...2..........x................................................ ............... ..H............text....s... ...t.................. ..`.rsrc...8............v..............@..@.reloc...............|..............@..B........................H.......h...................X...P ......................................yK.N...f....i5.#I..xV. ..%BR..^.....t0"..z.%./.G'.j....{...2...k)w...'>.c..P..X.......n...h....E...ex..X/H].R.e.{..;&.-.'....{....*"..}....*V.(x.....(......}....*2.{....oy...*2.{....oz...*B..(....&..(....*...0...........oo........YE....}...............}...n...............n.......I...I...I...I...3...I...X...8D....t......{.....or...o{....ow.....+U..o|.....{.....o....oo...o}.....o....o....t.....o....o..

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\System.Data.SQLite.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):291544
                                                  Entropy (8bit):5.943890750111035
                                                  Encrypted:false
                                                  SSDEEP:6144:cjM6Mb15iJrFxrFPs2FNFaFeFOFwcGF6cmFWc0FWc8cIcKcUFJFpcNcHc7cbchFE:cj0h56rtFNFaFeFOFwcGF6cmFWc0FWcw
                                                  MD5:07F66AF9C9C3196BD1CE45EFD2A86829
                                                  SHA1:A3FBDF825E7C2EFAC10F92A7221F2FDC84272327
                                                  SHA-256:17690A9F602B17320D0F2ED9275FD91B56729F9CC5E21A5ECE467E0CD1F2ABF5
                                                  SHA-512:3318D72E778151341CA23AAA4A0990E464BDAF7E16A1244A6E7C453AB6B1C086529DBD48600DBE81FEF481C2AE2760A1973ACE967B16B49749D4B24236D8C9A2
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....*S...........!......... ......~.... ...@....@.. ...............................r....@.................................0...K....@.. ............@...2...`.......-............................................... ............... ..H............text........ ...................... ..`.rsrc... ....@....... ..............@..@.reloc.......`.......0..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\WcCommunication.exe

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):28376
                                                  Entropy (8bit):6.586484312943769
                                                  Encrypted:false
                                                  SSDEEP:384:IEc64QLLoHj/v+r3QL2qLjr3EFP27xWkVbDWRpUmWW8sOAM+o/8E9VF0NyuF:tLLoHj/v+3q/r3gKxnVbDLmW5AMxkE6
                                                  MD5:863811F273175823D7AAFE994611776A
                                                  SHA1:DF1FE42B0CA3B5D3DAC002C99E8E24F73A0DF7A1
                                                  SHA-256:6C860595B29DC88AC3E172A69772415151821CB6BC4562A17E282877CC2F13E7
                                                  SHA-512:1AC339C4B374CFEAB3140F9F0D10CCBC9280079CAC3706A3FF0D9A5DF1AC8A828E52962B52F27EDA1AAB7783A42AE732A8F7C4822D24FF97A75BD0D79C030B24
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e.................2...........P... ...`....@.. ...............................Q....@..................................O..K....`...............<...2...........N............................................... ............... ..H............text...$0... ...2.................. ..`.rsrc........`.......4..............@..@.reloc...............:..............@..B.................P......H........,...!......?....................................................0..n........~......r...pr#..pr5..p(.....~.....o..............-...rQ..po....t.................-..o...................+...*........).!J..........Y`.......0..7........(.........-...(....rg..p(.....+..#(....rg..p(.....+..*..0...........(....r...p(.....+..*....0...........(....r...p(.....+..*....0...........(....r...p(.....+..*....0...........(....r...p(.....+..*....0..t........~......~....r...p.o............

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\WcCommunication.exe.config

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):191
                                                  Entropy (8bit):4.913784939054981
                                                  Encrypted:false
                                                  SSDEEP:3:JLWMNHU8LdgCQcIMOoIRuQVK/FNURAmIRMNHNQAolFNURAmIRMNHjKbo5KWREBAI:JiMVBd1IffVKNC7VNQAofC7V2bopuAWj
                                                  MD5:E0D39F8E6C43896219E316B93EE705EB
                                                  SHA1:B564EA6A5AF48553990D645BF97508D99241B606
                                                  SHA-256:821164AEBAFECD5619DEDF42DA25BD8BA5354E4B9A959FE7002F7289C8D5D4E6
                                                  SHA-512:16DD522A12CDE214F699FA52CD1B19D22BF28078CAFD887B17F42983317CFA8CFEB2241669DC89EEBD1E5FA6E7D7332710BF1B02D5E9C23BAF918A16BBF17BF6
                                                  Malicious:false
                                                  Preview:.<?xml version="1.0" encoding="utf-8"?>..<configuration>.. <startup>.. <supportedRuntime version="v2.0.50727"/>.. <supportedRuntime version="v4.0"/>.. </startup>..</configuration>..

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.Loader.exe

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):19672
                                                  Entropy (8bit):6.943633909963355
                                                  Encrypted:false
                                                  SSDEEP:384:aLXJWcC0/2EFP27xWkVbDWRpUmaWRSe2kAM+o/8E9VF0NyTT8:UXfn/2gKxnVbDLmaWjAMxkEC
                                                  MD5:4C8B24EB611C17039D7E182E66019535
                                                  SHA1:E559BD83C260256C26D7E8147C7D99E47DF56CD1
                                                  SHA-256:AE74D7A96DF99AA8817BAB0261DDA521DDF3D7FD1E1679C0412A6A64F1EF0CBF
                                                  SHA-512:E79BAF611D12E78C47B8CEC151671ACC9B1BBA93C947E98879B92C9420D88D2A1A86B6C17823C6DB6C5DBB15AE62E1F099F2487D12FD32BFE437B078907985B8
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e............................n/... ...@....@.. ..............................5w....@................................../..S....@...................2...`.......-............................................... ............... ..H............text...t.... ...................... ..`.rsrc........@......................@..@.reloc.......`......................@..B................P/......H........"..T............................................................0...........r...p.+..*..0..x.........(....o....s........o.......o.......o.......o......o................-..o..............(......o....r...po...........+..*........+=..........RS........(....*.0...........rS..p.+..*..0..x.........(....o....s........o.......o.......o.......o......o................-..o..............(......o....r...po...........+..*........+=..........RS........(....*.0..b.........~....o....

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):9332952
                                                  Entropy (8bit):4.301063556727778
                                                  Encrypted:false
                                                  SSDEEP:49152:aGPKPkE2TndsAV9hZXzIqaMOFdBrlsmyCkCKiBZ8:aGyd2LdsU/kLMOFnhsfvAa
                                                  MD5:11CE0FC17BFCDCCF929515BD90455BAF
                                                  SHA1:9526E6671F5436CC8A8F7FD3CF053BFFAF6678A1
                                                  SHA-256:CA41975E7FE1AD77957EE0978DB32F9D132305E0A2D8985F9D0AFFA0F425A5C0
                                                  SHA-512:1A2A0BC6BCE933D1A8BDB247A12AFC9389EC4DF787907F221C7F8106423F287CCA67E98CD11563C0F8A9D600355C478A6B8DA1C356400DE74DD7FB738B15A2D3
                                                  Malicious:true
                                                  Yara Hits:
                                                  • Rule: JoeSecurity_GenericDownloader_1, Description: Yara detected Generic Downloader, Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe, Author: Joe Security
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 4%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e.....................t.......... ........@.. ..............................!.....@.................................8..S........p...........6...2...`...................................................... ............... ..H............text........ ...................... ..`.rsrc....p.......r.................@..@.reloc.......`.......4..............@..B................p......H.......$...........U.........z..........................................0..=..........(......(......-...(.......(.........-...r...p(........+..*....0..r........~....r...p......(....o ......(!........-..(.......~"...o#...s$.......(%......!..~....rQ..p.o&...('....o(........*..........3O.!....V.....()...(*........*..(+...*...0...........(+......~....r...po ....~,....(....oS........-...(......+...(....(......(.......(!.....-....(...+}.......!..~....r...p......(.....o(.........*.

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe.config

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):19299
                                                  Entropy (8bit):4.7882380797092114
                                                  Encrypted:false
                                                  SSDEEP:192:TrBHn854AbwOVpLywKDcZXuK9BcrEPLUv0OUyr+so:T9HKDbwWKgwKz
                                                  MD5:FEED0F743DB90FBC95E33F081B50ACB0
                                                  SHA1:A2CC752167B06ED562C6EC00A4F994D8A59AD7F4
                                                  SHA-256:A1F55FB8A5E389B7727A683B2265C678D903A4F9CB08272AFBD922F41F18D7D2
                                                  SHA-512:5D627768DB6CE3D1A100A6A72E40CA477687E9785EFA9F78C23D375889CA8C748E432F5C25323D22F600768490DA25E7803E804B5B62D2F89696A5C1DB972241
                                                  Malicious:false
                                                  Preview:.<?xml version="1.0" encoding="utf-8"?>..<configuration>.. <configSections>.. <sectionGroup name="userSettings" type="System.Configuration.UserSettingsGroup, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">.. <section name="WebCompanion.UI.Properties.Settings" type="System.Configuration.ClientSettingsSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" allowExeDefinition="MachineToLocalUser" requirePermission="false" />.. <section name="Companion.UI.Properties.Settings" type="System.Configuration.ClientSettingsSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" allowExeDefinition="MachineToLocalUser" requirePermission="false" />.. </sectionGroup>.. <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler, log4net" />.. </configSections>.. <userSettings>.. <WebCompanion.UI.Properties.Settings>.. <setting name="Theme" serializeAs="String">..

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionExtensionIE.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):2142936
                                                  Entropy (8bit):5.676585013396631
                                                  Encrypted:false
                                                  SSDEEP:24576:whSNSyjdKyijXu8i7WS1tZDDNFm/8u8dPDNYk5xIUu98KOsqADu:k0riNCWS1tlNFmmeSq99NfqAi
                                                  MD5:C323846407764C741B23987E7D6FCC46
                                                  SHA1:9AE2F11FEE6AA8EEFA6DDCF73A81995FF17CF920
                                                  SHA-256:50304E2429A42CB70D8D899BA6412221A9B91741443AE36191660CC645CF301D
                                                  SHA-512:C4069C298D64D45FA680DAABB8BAACB858F6328CEAD18A402AB357E8EAC9D7953623ECD1161BF7EF1759A054D46952159F6DEF27DAE51A7397504AA7D36BFDD1
                                                  Malicious:false
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........................-.#....,...5l....5l......r....,....].,....].-...]............Z...].....Rich..........PE..L....}`e...........!.................P.......................................P-.....O.!...@...........................*......+.......+.Lm............ ..2...@,.h....D&.8...................L/).....@").@.............+..............................textbssy................................text........@...................... ..`.rdata.......0&.....................@..@.data.........*..h..................@....idata..F.....+.....................@..@.tls..........+.....................@....rsrc...Lm....+..n..................@..@.reloc..o....@,......v..............@..B........................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionIcon.ico

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel
                                                  Category:dropped
                                                  Size (bytes):24337
                                                  Entropy (8bit):4.401590449138391
                                                  Encrypted:false
                                                  SSDEEP:384:Zw3ziy+PnXdyyyyyyTOh3axqTS1mH3dS4w:Zw3zeG3DSG3m
                                                  MD5:1DD04466644E96E0AD308D1E637E9621
                                                  SHA1:0C7F688CA482FCD1FC9AA7D7518A5BC844875CFF
                                                  SHA-256:9733ED5E1E2CAEB0986F1D46A052B2D4BD8CD6B041B9F57216F12410605E8455
                                                  SHA-512:A92FF0A1B92B5B689BFC36A807F02D79B8DC3DD99971B3528AAFCEB8C1FC2DBC67BD170990723B34B26AC4EE7516EFA6B218C2ED1D422A422EDE7CF5FB9A3DA1
                                                  Malicious:false
                                                  Preview:............ .h...V......... ......... .... .....F...00.... ..%............ .{....D..(....... ..... ..........................................................................................................................................................................q...q...p...p...............................................s...o...p.`.p...h.............P.................................r...u...p...p...n.9...A...............................................~.w...o...r.................k...............................0.........p...x.....................#.....................................}...~.............................................K...........................................:...............................................................................h...................................................V.......'...............................................................................................................................W...^...^...^...^...^...^...^...^...^..

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionIcon_Pro.ico

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel
                                                  Category:dropped
                                                  Size (bytes):25507
                                                  Entropy (8bit):4.77281362097441
                                                  Encrypted:false
                                                  SSDEEP:384:1oj8TMvkKFye5lBIt3ZH6X5HT8hfbzuX98q1Kk:9MM0s3hGHqzueqMk
                                                  MD5:BBD842A6E91D908141DE6FA59D3A9868
                                                  SHA1:3F387A45C09CC3894A6475C711C943EA3F70ED6F
                                                  SHA-256:D5A8246EF2075DAD3B3D582477CF757FE673A3A793EF3DE60DE82BF8581DA19F
                                                  SHA-512:F130188D69710DEBB2BBFB122C0BBBCF21F7356820226B0D8A668BF965B909C8F24DCEB2E75FF98E70ED02115903AC461D10BD3835632BF9D7A325C9610F0A13
                                                  Malicious:false
                                                  Preview:............ .h...V......... ......... .... .....F...00.... ..%............ ......D..(....... ..... ................................................................................................................................................................................................................................................\.....|.........\...5...................................................9...+.........................................T.....y...........................?...............................-...............................y...................................................................O.......................F...........................................!...............................................................`...............c...................................................0.......#.......................................................o...................................................................K...U...^...^...^...^...^...^...^...^...^..

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionInstaller.exe

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):468184
                                                  Entropy (8bit):6.484197232128888
                                                  Encrypted:false
                                                  SSDEEP:12288:v9FvkzVw/c/gYwx2b619WA1ENpdscZlnzY:XgVw/c/gZAscZlnE
                                                  MD5:4A54D7A825C126DF7F909DFCBAFFD9EA
                                                  SHA1:B0EC3785A9E027B4636469CE7DE9CFC0364D93A5
                                                  SHA-256:224DD756633F4D52D9284639FC73ED0DCEFA92DF857BBD65CA922DA66D7F39C8
                                                  SHA-512:38068ADBD0727CFD873E9F7B17D3BF0459124CBAD6A80372DC5C53EDCEA525EC5DE16168FDD0AAD5BB0F5B4C076917E1765EECAC96F0C4296F6B01A942B32C11
                                                  Malicious:true
                                                  Yara Hits:
                                                  • Rule: JoeSecurity_GenericDownloader_1, Description: Yara detected Generic Downloader, Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionInstaller.exe, Author: Joe Security
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 13%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e.................|...t........... ........@.. .......................@............@.....................................S........q...............2... ......p................................................ ............... ..H............text....z... ...|.................. ..`.rsrc....q.......r...~..............@..@.reloc....... ......................@..B........................H.......h....j...........g................................................~....}.....(......s....}......(....}....*br...p.{....(......(9...*.0..j..........{....rk..po....,.(.....+.(......r}..p(......(......r...p.{....o....o.......(........s.........oP.....z*..........UU......6r...p..(9...*.r...p.....*..{....*"..}....*..{....*"..}....*V.(......(......(....*6r...p..(9...*.0..3........(....( ...,..(.....(.....(!.......s^......oP....z*.........!!......6re..p..(9...*...0..M.......

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionInstaller.exe.config

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):2720
                                                  Entropy (8bit):4.98742519627159
                                                  Encrypted:false
                                                  SSDEEP:48:c5+qM3DmNwAGDo2cCSIn6la86Vr6R841docr7S36Ek+HEkHQB:jV3gUka8arAN3r7s6Ek+HEkH6
                                                  MD5:1103E1618F5BB75851E0F0C753EC8EC5
                                                  SHA1:CBECB3538CAD8585A4B1962098F1B427DC6984B3
                                                  SHA-256:133F4FCE3A299387263F849250CCEE387B137EE3FF36C6B44B4C02328EDFAAF3
                                                  SHA-512:C005F7873896B8B28C228CFC8CB51BF8A0F9BFEF917A6AF5F0FE32DCC7E818FFB48026FD00A13BF30E82A3383765F2500DD709A25806DAA199829991A9FC9725
                                                  Malicious:false
                                                  Preview:<?xml version="1.0" encoding="utf-8"?>..<configuration>.. <configSections>.. <section name="ProdSettings" type="System.Configuration.NameValueSectionHandler"/>.. <section name="StagingSettings" type="System.Configuration.NameValueSectionHandler"/>.. </configSections>.. <ProdSettings>.. <add key="Installer" value="https://wcdownloadercdn.lavasoft.com/9.1.0.993/WebCompanionInstaller-9.1.0.993-prod.exe"/>.. <add key="WebProtectionZip" value="https://rt.webcompanion.com/notifications/download/rt/dci/latest/Webprotection.zip"/>.. <add key="InstallerZip" value="http://wcdownloadercdn.lavasoft.com/9.1.0.993/WebCompanion-9.1.0.993-prod.zip"/>.. </ProdSettings>.. <StagingSettings>.. <add key="Installer" value="https://wcdownloader-qa.lavasoft.com/9.1.0.993/WebCompanionInstaller-9.1.0.993-internal.exe"/>.. <add key="WebProtectionZip" value="https://staging-webcompanion.lavasoft.net/dci/3.0.1.9/Webprotection.zip"/>.. <add key="InstallerZip" value="https://wcdownloader

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionInstaller.pdb

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:MSVC program database ver 7.00, 512*1591 bytes
                                                  Category:dropped
                                                  Size (bytes):814592
                                                  Entropy (8bit):4.528490708053113
                                                  Encrypted:false
                                                  SSDEEP:6144:2LGcw7ZXbXEdW7FxIwp7ZwCkYCp7CMT9sWHdQEPPkdId+lMrwIx1tU:Dcw9XbXEERb6PCHkQaPkw8
                                                  MD5:1AD3305BEF3506CDF611B27FF3EC466E
                                                  SHA1:7CDF154A799CF1B5031E7A6794A5D3E5D73BCAFA
                                                  SHA-256:AD16E6C8EF7F53A94CC5715A9020BB1370D47AB19B3F056E80807E3CEF504CBA
                                                  SHA-512:24409A2FC124F08FAC656FE10138D0BA98134256A3ACE62F648F9611C858DABBB86ADCA0A887479C7E01205942597CF9A1D8120C179FF91C2243D046461DE061
                                                  Malicious:false
                                                  Preview:Microsoft C/C++ MSF 7.00...DS...........7...\.......6...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................8.......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebcompaionReimageIcon.ico

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel
                                                  Category:dropped
                                                  Size (bytes):17542
                                                  Entropy (8bit):5.487981305511366
                                                  Encrypted:false
                                                  SSDEEP:384:BdYS3Ocd/mFBeSpTKgxiL6+6W7rdfiV8lER:BS5cdIgSML5gqla
                                                  MD5:9932F44F84F0693AD7D3B7F5E41B5C3F
                                                  SHA1:681EDED9A3F513FE1BC067817A3A5C7CE9277624
                                                  SHA-256:8E10EDC1E341C0B89232811BF8B71CA1A1EEDC8CA78B79432C4AD702591B2DE5
                                                  SHA-512:3E522306ADB5ED30C2E448329B9952AACACA29543CF8152435E2B8ABC85F9E546EE3D7BC96C6EAD9EDC99686102FD6B1488A5C5C2104A7D838EAE47F2AB6912E
                                                  Malicious:false
                                                  Preview:............ .h...F......... ......... .... .....6...00.... ..%......(....... ..... ......................................................4Of.a...Qz..?`..9YC.]...1L...................................%f.i...x..."6...$...3..*F/(u.B3...:....................8W..2N#.)A..........|....&..:Q.....J...M..x.....................{...f.T.Hl..........J_......>O.(...Y...T...........................[.j.u...........L]..EV.+z..&...V...P.............................m........BfL.Tm;.\v>.dp!.Fe=.I...J..FS.......................9..,...2...\~H.nd...|......uq..6..U7...7...ml6...........>..X`..!...-...N{Y.ul..............of./sk............$...p..........3v..v.........Q...:... .~..qh.8yq............@...m..|....FHH._g\......................K;5..`[........}...j......w5>POI.UUQ.r...`...3.......U.........R..a...b.............LA..M?..571.L...W...-...8....Rn./....?SH..h..}H...N.............qa..n^...-$.2...U...;...;...3... `u..2I7.5L.............................&"..&DM.F...X...T...k...H[i%.#A.:Rg.......

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\acs17.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):1155800
                                                  Entropy (8bit):4.990801168164284
                                                  Encrypted:false
                                                  SSDEEP:12288:rcLFGWXuQlDlaMqzegia2lKF2Y52eDzl1DoDzmbPL3:rOGWXu6oMqzeu2l452eDzl1DoDKLL3
                                                  MD5:0FFE4FFD766FFA9D3B0C133D2988AE1E
                                                  SHA1:FD8F4697ED0436C25430A30D08F43E55B21A7AE5
                                                  SHA-256:BDF972AD8CBDF9C001DC625078DD1C9856A77FDBF1C67E4D4298FA4FB74503A4
                                                  SHA-512:5FE879FFB12B9F780EAB22F147719391A008EFAB35C74447425FF220FB7C88EE0C4F25CEF70A40DB755414790EF55C927CAA8814DD63D5D66ABAC674ED84B9A8
                                                  Malicious:true
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........v...%...%...%...$...%...$...%...$...%...$...%...$...%...%D..%...$...%...$...%..d%...%...$...%Rich...%........PE..d...{.p].........." ................X.....................................................`....................................................d.......<.......D....p...2..........0...8...........................p................................................textbssMH...............................text...1....`...................... ..`.rdata.............................@..@.data................D..............@....pdata...............R..............@..@.idata.../.......0..................@..@.msvcjmcr............N..............@....00cfg...............P..............@..@.rsrc...<............R..............@..@.reloc..W............X..............@..B................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\de-DE\WebCompanion.resources.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):70360
                                                  Entropy (8bit):5.434395456562737
                                                  Encrypted:false
                                                  SSDEEP:1536:tMcLJFVnQNIlEe3AkolQ+c1iJ0ZF3U1gKxnB3xxv:5lEcAkOQ+cAykCKP
                                                  MD5:0D00AEA1A0C99CAFAFCB5089363E3815
                                                  SHA1:31416137CAB4A7AD069CE941CA22BD834C6D1422
                                                  SHA-256:958C4C97914A40378936DD11000D0706D2BBC92623790A05E80B715C53E7D8A2
                                                  SHA-512:661BF1661A7802175B529C3AEE032B2A4A6B68EF3D28F97A2743245F0D5080F20BD0D1E968F9207568FE36FA47A0FFD0908E135957A4557C361E5869F6C4FF23
                                                  Malicious:true
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!......... ........... ........@.. ....................... .......q....@.................................P...K........................2........................................................... ............... ..H............text........ ...................... ..`.rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\de-DE\WebCompanionInstaller.resources.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):23256
                                                  Entropy (8bit):6.81617229357187
                                                  Encrypted:false
                                                  SSDEEP:384:VV4qrRdcVt8f2wpLS5wvdVCkLpljoBeRKMukBEFP27xWkVbDWRpUmWWkNAM+o/8y:VaqrLat8f2wpLS5wvdVCwplU88MukBgo
                                                  MD5:622A3812AB9D2C9F433C5FAF01292074
                                                  SHA1:8812F890204B616436C2D1832397923EC935F80E
                                                  SHA-256:57E207661A0A3FDE7D85D692697CC7E42F279A2828EB10C5EE198BCF29681070
                                                  SHA-512:56F1F54A0631918625FD387D04B8222353D5CE63BA5D29C73E76A916574356D67663AF4A6D7AAFC4EA25BB63D0D13827190A0EF69ADDA17BD6A843594330B6E3
                                                  Malicious:true
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!..... ..........N?... ...@....@.. ..............................~.....@..................................>..S....@...............(...2...`....................................................... ............... ..H............text...T.... ... .................. ..`.rsrc........@......."..............@..@.reloc.......`.......&..............@..B................0?......H........;..d...........P ..C...........................................?..............lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet....E.......PADPADPP)6..).......n.....V ..(`5.........]....}........E(/...-.C.... ...#..S.n....xv.|.-.D...................w#(..X:..o.......V...h...................v..-../.x.EZ....1.N...D|-..... ...?.!..v"..v"..v"..v"..."...'vAw(...2c$Q:

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\en-US\WebCompanion.resources.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):70360
                                                  Entropy (8bit):5.396990834833947
                                                  Encrypted:false
                                                  SSDEEP:768:ZwA5BhdiFMxs54sun8CoJOjrdPh27a6ocsTcqom7nQ51KolYLY7rukYM81i/v0Ro:qcJjoXz4VRPFjUegKxnB3Yxv
                                                  MD5:F4914DF42F6FA61CAE2A5F5B28ADC5C8
                                                  SHA1:6066B27701E56BD1352568A00D97D38FEF151DB0
                                                  SHA-256:0EF0DF9424BF4A7B61C04EF946B229DE34D84FA718202CA26D50844D41BFC7B2
                                                  SHA-512:220363849BE32D58FBEC90D08ACF9A3576DF858B220A1CA6A86A8C9736027A2CE0758015DF11B5DC476806B111D466B535D17B76C68391C3BB5C210D23DC307D
                                                  Malicious:true
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!......... ......n.... ........@.. ....................... ......6.....@................................. ...K........................2........................................................... ............... ..H............text...t.... ...................... ..`.rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\en-US\WebCompanionInstaller.resources.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):22232
                                                  Entropy (8bit):6.855853585833314
                                                  Encrypted:false
                                                  SSDEEP:384:V4yy+cVgVxrQlCRLw4FvgVKRTuE4EFP27xWkVbDWRpUmWWWDAM+o/8E9VF0NyIYC:ayy+agVxrQlCRLw4FIyuE4gKxnVbDLmJ
                                                  MD5:EBD2CE82EAB1F14153ED0CAF715B9FAB
                                                  SHA1:3445025CEC9AC428B08C4762115E9888D4E0D640
                                                  SHA-256:2BCEF6B867471FE88D4FD0896E523AECE6DEDB02781B352247A684965D56796B
                                                  SHA-512:201BB1538860099525E5F1EDBFC0A253D9552CEE99F858EFAB418A072495D8D911104AF046B121A508BEC37A5C2CB7FAA9EC1C7AE51BB7256747211E58C0A3EE
                                                  Malicious:true
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!.................;... ...@....@.. ..............................O.....@.................................T;..W....@...............$...2...`....................................................... ............... ..H............text........ ...................... ..`.rsrc........@......................@..@.reloc.......`......."..............@..B.................;......H........7..d...........P .............................................................lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet....C.......PADPADPP)6..).......n.....V ..(`5.........]....}........E(/...-.C.... ...#..S.n....xv.|.-.D...................w#(..X:..o.......V...h...............v..-../.x.EZ..N...D|-..... ...?.!..v"..v"..v"..v"..."...'vAw(...2c$Q:#Uv=..C?

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\es-ES\WebCompanion.resources.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):70360
                                                  Entropy (8bit):5.3736485691944065
                                                  Encrypted:false
                                                  SSDEEP:1536:iFNsX1Irj+9zewWdYzydz+ChJ1b7HO6mmCY2mF4FbUAgKxnB3Ux2:cyCKIpKB
                                                  MD5:82D351ABB86B4BF1850125175BA1EB94
                                                  SHA1:9622FF593DBAE95FD2B6E783719812577C7238A8
                                                  SHA-256:330B7D3D849EA4BAE8E52392B3A90B78482C508DEE1950600FA8DEED89B9EF5A
                                                  SHA-512:54A657872DB5C6B377B143C8DD6FE0EC1FB9A89F15C736F9A5D802C13571D110E1022802D14E1701B66BDBAD385295BAE2E8076D455FA7249993575703C11107
                                                  Malicious:true
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!......... ......^.... ........@.. ....................... ......].....@.....................................S........................2........................................................... ............... ..H............text...d.... ...................... ..`.rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\es-ES\WebCompanionInstaller.resources.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):23256
                                                  Entropy (8bit):6.774373547894112
                                                  Encrypted:false
                                                  SSDEEP:384:y4qrRdcVkvZYS7hKMwa8XUAzPpY5uxHEFP27xWkVbDWRpUmaWcSkqmAM+o/8E9V6:PqrLakvZYS7hKMwa8XUuPpwuxHgKxnVc
                                                  MD5:8EBE467D4D518913B034C167DACB9ABA
                                                  SHA1:A10B923D6B470E01C71738E534BDDA1D9EEE69F1
                                                  SHA-256:72A2D107F0AE1D58DABB097C332E1DC17747ADF395A4EBBB1BA0A592E8B5658C
                                                  SHA-512:FBB37E0F4EC82F82BD2880F726505AEE6C857186C872D906E9A9E3B8608BBB2DC22786222CACAAFD3F298D0E0A739D3D87746076FE1956485C4185AA8D6FACEB
                                                  Malicious:true
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!..... ..........>>... ...@....@.. ..............................#t....@..................................=..K....@...............(...2...`....................................................... ............... ..H............text...D.... ... .................. ..`.rsrc........@......."..............@..@.reloc.......`.......&..............@..B................ >......H........:..d...........P ..<...........................................8..............lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet....E.......PADPADPP)6..).......n.....V ..(`5.........]....}........E(/...-.C.... ...#..S.n....xv.|.-.D...................w#(..X:..o.......V...h...................v..-../.x.EZ....1.N...D|-..... ...?.!..v"..v"..v"..v"..."...'vAw(...2c$Q:

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\fr-CA\WebCompanion.resources.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):70360
                                                  Entropy (8bit):5.476784824510849
                                                  Encrypted:false
                                                  SSDEEP:1536:/UewfIiZCYrZq+YNFMoFdUEgKxnBry0xY+:KBZCYrMnNF9WtKE+
                                                  MD5:2E35ED9C32267E24A567E1B2AC4D6700
                                                  SHA1:4E6266E4CA52B5D8BBCB24377A01F5B0D054DEB6
                                                  SHA-256:3C23520AB1A50303435F94512B1C1CAE9757090C876C00BE3D675B3CE75F8602
                                                  SHA-512:9CB068E18C55EC3E35FEDF1257E0A91750C05B3814541A920029DC7141BAC7C94833911C492B0FF911D83F07A29213930131D74993DAC978A1C769E43D777AFA
                                                  Malicious:true
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!......... ......n.... ........@.. ....................... ......x:....@.....................................W........................2........................................................... ............... ..H............text...t.... ...................... ..`.rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\fr-CA\WebCompanionInstaller.resources.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):23256
                                                  Entropy (8bit):6.815121956939367
                                                  Encrypted:false
                                                  SSDEEP:384:C4qrRdcVRVQBHQX7SwUHZg6sj0uVREFP27xWkVbDWRpUmWWFRLjAM+o/8E9VF0N/:/qrLaRVQBHQX7SwUHvi0uVRgKxnVbDLj
                                                  MD5:6E6CF3659F8160778F7FDBE7E691B77C
                                                  SHA1:1D31E6A389486F13DDB9BDBA4C7B2E7E3EECBD8C
                                                  SHA-256:D396249B26D957F81A67640A94DCF3EC38B1567EC3F856717BF952AF5ED61234
                                                  SHA-512:E66243D30E33ABD533741B21F44FD238F5D2C28C978136440E746D5639A8B60414240E13B807A5775FC826CAC48067A1482F7C400B5973DBB5DB5CE2C54CAB2A
                                                  Malicious:true
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 5%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!..... ...........?... ...@....@.. ..............................+[....@..................................>..W....@...............(...2...`....................................................... ............... ..H............text...4.... ... .................. ..`.rsrc........@......."..............@..@.reloc.......`.......&..............@..B.................?......H.......p;..d...........P .............................................................lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet....E.......PADPADPP)6..).......n.....V ..(`5.........]....}........E(/...-.C.... ...#..S.n....xv.|.-.D...................w#(..X:..o.......V...h...................v..-../.x.EZ....1.N...D|-..... ...?.!..v"..v"..v"..v"..."...'vAw(...2c$Q:

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\it-IT\WebCompanion.resources.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):53976
                                                  Entropy (8bit):5.289237421777621
                                                  Encrypted:false
                                                  SSDEEP:1536:r2lxNleRvZwZsUUUHNxpF8Un5KgKxnBrVoxc:yeRvysNeNFN5KX
                                                  MD5:6ED2F9C7B51A5118BCF0B40B378F7F57
                                                  SHA1:9D2ABF1B8D26E5547B3FDC332043285C5993498C
                                                  SHA-256:15B388B7B17706593D796A9DF7C963A0935CCA79FE91477A6E9F57E79EB9017B
                                                  SHA-512:6A1FF450F677B0291B9AF1C0DB8DB7785490BF8688F7211E405F82AE0E40DE3B6B68B5870140B0BD272B270A03A4ADE90071820EF9E04DDDDFD311A7F245484B
                                                  Malicious:true
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!.....p... ........... ........@.. ...................................@.................................T...W........................2........................................................... ............... ..H............text....e... ...p.................. ..`.rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\it-IT\WebCompanionInstaller.resources.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):20696
                                                  Entropy (8bit):6.876306618838897
                                                  Encrypted:false
                                                  SSDEEP:384:DipngXcq9ePTTuHsEFP27xWkVbDWRpUmaW71WXTAM+o/8E9VF0Ny+NJk:DipngXcq9ePTTuHsgKxnVbDLma3DAMxB
                                                  MD5:F8F1730D80211E96BD0C3538DE34900A
                                                  SHA1:B36F016065478A42CD9AFFB125E9497A645CCBF8
                                                  SHA-256:C07EEECC8EF58D7E11BBB6CAD8D89F5BF17B54A4DAABAC3544CDB139B43B1B93
                                                  SHA-512:E5A0F3C182FD144462305EB0BE4EB05AD682482AAD729119925E9A8877C6F478E577128CE3185D3BCEAE5C899C87B973AF58D1CB91DA9A14935C3C6E838226BC
                                                  Malicious:true
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!................^4... ...@....@.. ...............................h....@..................................4..W....@...................2...`....................................................... ............... ..H............text...d.... ...................... ..`.rsrc........@......................@..@.reloc.......`......................@..B................@4......H........0..d...........P ..O...........................................K..............lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet....+.......PADPADPP)6..).........V ......]....}..........-.C.... ...#..S.n....xv.|.-..X:.....V...h...................v..-....1.D|-.. ...?.!..."vAw(...2..C?.9.W.F.^:1;j...p..cv..~...~[...............7...L...2.......................".......

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\ja-JP\WebCompanion.resources.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):53976
                                                  Entropy (8bit):5.4331917192917745
                                                  Encrypted:false
                                                  SSDEEP:768:C34u+ZyqauI647SbFIlBv5v2xAoq7HHj8XnGZqHnamyr1MhuFn6RbFJDw8M9uiqH:CIsWxOGo8MqjN3LFLUXgKxnB39Nxw
                                                  MD5:C31118E85C2B1013CA9D308D568B6530
                                                  SHA1:73A78DBAE4FECFACA3A9FC71CD4F83944FA2E4D1
                                                  SHA-256:2562BA5BACFC45DEE92A6EF7CC59C2B1E5E32F2FB9A0BFEFCE74F059332E4168
                                                  SHA-512:1AA5D614F149B0D75EC5753DB711F0A5E9F89D1D44F23C5D9056B60F44D1FFF22313195B059232A54926B0FD7D3E62354D2A52A6BE5DEC12E8AEEEF9468AB655
                                                  Malicious:true
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!.....p... ........... ........@.. ...............................\....@....................................W........................2........................................................... ............... ..H............text...$a... ...p.................. ..`.rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\ja-JP\WebCompanionInstaller.resources.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):21208
                                                  Entropy (8bit):6.997260664550426
                                                  Encrypted:false
                                                  SSDEEP:384:ji04koE4Z3v5suBtEFP27xWkVbDWRpUmaWIz3AM+o/8E9VF0Nyyw0:ji04koE4v5suBtgKxnVbDLma5zAMxkEk
                                                  MD5:A0D5255B69DFEB6F0097088A6A848DB9
                                                  SHA1:D8945A27708FECD1704B9D6CDD952E9F1BC931CF
                                                  SHA-256:01BE9779D059621E00D2B1BF58735309F63000A9F87544F55165090DF9712B7D
                                                  SHA-512:498E899451E7232E68CFE1092E93B96AFC311F903DE759B7CDF35FB1B0A918007A041933047FEBBEE95F6155972C67E27B7057CABB0D8CDDB21B767A5EF64FC4
                                                  Malicious:true
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!.................6... ...@....@.. ..............................#.....@.................................86..S....@............... ...2...`....................................................... ............... ..H............text........ ...................... ..`.rsrc........@......................@..@.reloc.......`......................@..B................p6......H........2..d...........P .............................................................lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet....+.......PADPADPP)6..).........V ......]....}..........-.C.... ...#..S.n....xv.|.-..X:.....V...h...................v..-....1.D|-.. ...?.!..."vAw(...2..C?.9.W.F.^:1;j...p..cv..~...~[...............7...L...2.......................".......

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\liblz4.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
                                                  Category:dropped
                                                  Size (bytes):136928
                                                  Entropy (8bit):6.4414869302047135
                                                  Encrypted:false
                                                  SSDEEP:3072:VcAPIq7L/iB8HVC4Gom8luKyldZsKI4jiK/:+APIq7Lc8By88Hfj7/
                                                  MD5:30E66E2CBD4BDC29CBCFB45945E79603
                                                  SHA1:2F6109603A7A78074CF7DD6E87DFD90FEA8A39E1
                                                  SHA-256:901F2A3A4F3A1FB18F9DAECD6CE0FC5528B5CD1365BAFB1E5BCB2B8A5D1AD398
                                                  SHA-512:847DBFAEB547D43B711B1067661A646A145D052A0D48BC04B38DD80E8CE0329830CA50464D0C488CB1783F9FF2B5168B78DA28CDCA1473B728B790DC1A59BB4B
                                                  Malicious:true
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L..../.Y...........#.....l..........`..............f......................... ................ ..........................................................2..............................................................l............................text....k.......l..................`.P`.data................p..............@.0..rdata..D............r..............@.`@.eh_fram<........ ...x..............@.0@.bss....t.............................0..edata..............................@.0@.idata..............................@.0..CRT................................@.0..tls.... ...........................@.0..reloc..............................@.0B................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\log4net.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):324312
                                                  Entropy (8bit):5.630837028313251
                                                  Encrypted:false
                                                  SSDEEP:3072:Uqc3k4mtsi40XigRvjAIg8J911rTJZq4+wYxEwKbEAfKQPL5ds6vOn7GGkXnEc1c:g3CX1AIg8JRfJYmYxEwna5dY5xr
                                                  MD5:B16A26AE4D964B555BFD602DF4B23185
                                                  SHA1:F062C42736C349032292732906847E348B665DD4
                                                  SHA-256:87253E71732F747E3B44744AFA087669B9BAA851DA88CA637994B905E0A02AB1
                                                  SHA-512:2E1A9983E92FAC56AE81CC3911E7499AB56989DF01B0D32A5DA92251B3136F09EECE23029E294FC5D27B435B25D32066C3600F5D4767FA6EA3BA8658B93E847B
                                                  Malicious:true
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....R...........!......... ......>.... ........@.. ...............................q....@....................................W........................2........................................................... ............... ..H............text...D.... ...................... ..`.rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\pt-BR\WebCompanion.resources.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):58072
                                                  Entropy (8bit):5.389809749618498
                                                  Encrypted:false
                                                  SSDEEP:768:qwSqPFFDWXWp48MttaDLllroVyutp5hpu0YjVjTZHixA23CFIjYnWM0Eq4olPTO7:qRJ5XRpnC8UoFyUAgKxnB3wxCRl
                                                  MD5:B48559F2350F2D9622F90709D3960BAD
                                                  SHA1:2E7CB0413C2E029BA22B06EEDA1A3601F14AD96D
                                                  SHA-256:222CF9A2720E9FC6B3CA6B121848780B0C38A9BB4DBF28FDF0A0532E67BED186
                                                  SHA-512:6B6D12EAD284849A3F42981494D83AEED0215740E9981FBFD45A1673A9FAAC7EC2D2B6F72F3EDF2825F8796D338BE0A3A6BB330CE71C6F29A77ECE691DA52576
                                                  Malicious:true
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 4%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!......... ........... ........@.. ....................................@.................................h...S........................2........................................................... ............... ..H............text....w... ...................... ..`.rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\pt-BR\WebCompanionInstaller.resources.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):21720
                                                  Entropy (8bit):6.868930787686632
                                                  Encrypted:false
                                                  SSDEEP:384:8lmcDiBsX8inGf6o8uTsKEFP27xWkVbDWRpUmWW9aZoyAM+o/8E9VF0Ny15:omcDiBsX8inGf6o8uTtgKxnVbDLmWdAC
                                                  MD5:E20AAE5D6632F939642BEE19B1E0EC77
                                                  SHA1:7F8B0C5041D61D89E2FD753B4FDD01450729D90C
                                                  SHA-256:E0CC89AA6CEF04E2DABA10DA4E08876C7605A770C1F0B49424A7106FA433C945
                                                  SHA-512:08495090398956D3C89E5481DD6FBFD91D25F712B50D0DDF1EE293EEFBBCA474038FD501ACADB12770ED017FC2C4DA212CCD0652BB3909D6E6E6E05CCDBE77EA
                                                  Malicious:true
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!.................8... ...@....@.. ....................................@..................................8..W....@..............."...2...`....................................................... ............... ..H............text........ ...................... ..`.rsrc........@......................@..@.reloc.......`....... ..............@..B.................8......H.......05..d...........P .............................................................lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet....7.......PADPADPP)6..).......n.....V ..(`5.....]....}........E(/...-.C.... ...#..S.n....xv.|.-..X:..o.....V...h...................v..-../.x...1.D|-..... ...?.!..."...'vAw(...2c$Q:..C?.9.W*..Y`..[.F.^:1;j...pg.Jq..cv...w..~...~u.......

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\ru-RU\WebCompanion.resources.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):70360
                                                  Entropy (8bit):5.386484108115269
                                                  Encrypted:false
                                                  SSDEEP:768:HOa9m+kM04KCP4MN94KTl524mkx+Mo+NKpvqkuoeZ60CTKWfdH2Jxq+CAsP95DzB:HPcexNGPnB1j12UAbPFGUVgKxnBre4xq
                                                  MD5:85D1458464D66E91FA3F80468B0CED56
                                                  SHA1:3487228A1D6A56661FD21719495DE7E28F15FE9E
                                                  SHA-256:AFAAA9F8E925E97C5795AA23E356EC34F342EB5C5078FFE398A737AE03E51874
                                                  SHA-512:8E81D0E3E324DE263CC8BBEE411607539C5F8BC0440ADEE059A994A52615CE051918DCD3E62C5F51064789B4EA7DEB6FF374C9E10BDB613D43AE542C0E095F7A
                                                  Malicious:true
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!......... ........... ........@.. ....................... ............@.................................P...K........................2........................................................... ............... ..H............text........ ...................... ..`.rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\ru-RU\WebCompanionInstaller.resources.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):23256
                                                  Entropy (8bit):6.920099084869181
                                                  Encrypted:false
                                                  SSDEEP:384:UlmcDiBGp+oLfntalaIip8j1g48u8JEFP27xWkVbDWRpUmWWu06AM+o/8E9VF0Nn:gmcDiBGp+oLfnt6aIig1gzu8JgKxnVbi
                                                  MD5:E7BB5A05AC635B9E619242E46E8E95B6
                                                  SHA1:FD45D0AC04EE7F313FABD7F7765FC008FED9A151
                                                  SHA-256:FF516EED3FCF0FA3AA01DFF426B325B2196E5EE29B82732730AC5ED3DF88D99E
                                                  SHA-512:9780BF4B834C7B86E77D69346B89B9FE08CBA98F5D3C963D4A881ED20B240E1419BB190295453D2ED9CA55A9E85DFA336BB6A69AC02BE40B71086A4D15296538
                                                  Malicious:true
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!..... ...........?... ...@....@.. ...............................>....@.................................`?..K....@...............(...2...`....................................................... ............... ..H............text........ ... .................. ..`.rsrc........@......."..............@..@.reloc.......`.......&..............@..B.................?......H........;..d...........P .............................................................lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet....7.......PADPADPP)6..).......n.....V ..(`5.....]....}........E(/...-.C.... ...#..S.n....xv.|.-..X:..o.....V...h...................v..-../.x...1.D|-..... ...?.!..."...'vAw(...2c$Q:..C?.9.W*..Y`..[.F.^:1;j...pg.Jq..cv...w..~...~u.......

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\tr-TR\WebCompanion.resources.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):49880
                                                  Entropy (8bit):5.3964457200947
                                                  Encrypted:false
                                                  SSDEEP:768:934u+2zdcH4J4cbLkfbFvalCQkcvvpGghZmE7E4YPiIl1P1jv1dx7lQGARKRnQJB:9IZYkvsKqReFBUqgKxnBr6xNn
                                                  MD5:068E3CAD96A0A22BC41DB2A359E78011
                                                  SHA1:7690F6D5A3321EAFA1B3F23EB480518E0B47627E
                                                  SHA-256:62D28766204A2E6F6CCEAA2EE60F3490FECFDA84EF2D083FAAA2A80260B65154
                                                  SHA-512:8EBF48C1A85137C9E86C902956225B185F0616E6B31E3C796B8AF065D48FFFE81AA3D400180EA360B390C18E89F6541FF0292D1ACC1607017878649D4B4212E1
                                                  Malicious:true
                                                  Antivirus:
                                                  • Antivirus: ReversingLabs, Detection: 3%
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!.....`... .......w... ........@.. ....................................@..................................v..W........................2........................................................... ............... ..H............text....W... ...`.................. ..`.rsrc................p..............@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\tr-TR\WebCompanionInstaller.resources.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):20696
                                                  Entropy (8bit):6.974305548496526
                                                  Encrypted:false
                                                  SSDEEP:384:+iAta8UHpTuuOEFP27xWkVbDWRpUmWWZTAM+o/8E9VF0Nyv7:+iAtahHduuOgKxnVbDLmWmAMxkEt
                                                  MD5:868A04E480DCB4EC86BC4C0E2F4DA91B
                                                  SHA1:E02BF86E0F58E34BACAF9711BE0DE64E40E061B8
                                                  SHA-256:A2701DEDFDB54D5DDA841E9E65E4CD65DE04719FC9B2EB18022D3001636079A9
                                                  SHA-512:4C1EA6D0AD6B1CA73B4FF5A43BBB91DB71C65344609799C84D6DA505236FCA890133CED9698F66801E46B40E6C45BCA98F2428B3A44E0AF8BA04329977A4DA7E
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!................N5... ...@....@.. ...............................[....@..................................5..K....@...................2...`....................................................... ............... ..H............text...T.... ...................... ..`.rsrc........@......................@..@.reloc.......`......................@..B................05......H........1..d...........P ..I...........................................E..............lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet....+.......PADPADPP)6..).........V ......]....}..........-.C.... ...#..S.n....xv.|.-..X:.....V...h...................v..-....1.D|-.. ...?.!..."vAw(...2..C?.9.W.F.^:1;j...p..cv..~...~[...............7...L...2.......................".......

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\ucrtbased.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):1660120
                                                  Entropy (8bit):6.562011467084029
                                                  Encrypted:false
                                                  SSDEEP:24576:FoYsYW6Fixna2BNy4ra7hsXZPa1P0i6Q6335lL3BhdJXmNZqByzYZ4t8:yYWxla5P0i6DHXLv7Z4e
                                                  MD5:E5AE5858FFED12C8C4A9AD7CDD7EC5F6
                                                  SHA1:3AD8558EEEE024946568EE151DEB2808CE09A009
                                                  SHA-256:76B653F121FD64FA3E98E891A8C815A585A767F9D98701F68F7B2971C35AD01F
                                                  SHA-512:C77E43A5D0FD786AF7F13C7005F6BD33274B18F1D5C4DED45A5C12610AAEE61BA9DE12080CDA9F8ABE934CF16DA572D62F69B40CDC530A47B9C349A2051DEE24
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........k.N.............r-.........y...C.P.....C.O.....C.M.....C.I.....C.L.....C.S.....C.N.....Rich............PE..L...P.!U...........!......... ...............@.......................................j....@A......................................................."...2......<...p...................................@............................................text....,.......................... ..`.data....P...@..."...2..............@....idata..d............T..............@..@.rsrc................j..............@..@.reloc..<............p..............@..B................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\vcruntime140d.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):108760
                                                  Entropy (8bit):6.609506158805602
                                                  Encrypted:false
                                                  SSDEEP:3072:TCLsZSFMEPCl5ikSF+GbTib1iecberxAKdy:TDEPCl55E+GbTib1iecbe3dy
                                                  MD5:3FFF11E5A8E31C1EFA99E98E26DA72F6
                                                  SHA1:CB93C866D51E9FC823CE36B7AD9DAED651384647
                                                  SHA-256:1069F6B46391383228C4688E969AED8BC0F10F2BBBF73A9F57164A9378847F11
                                                  SHA-512:A28E5882E04215BA863025B3EF5F71D708C3EBECB600791E7C9B598859B6BED97F422E38A4FD6A936C000C91966DAC837751F82AA36AD0BF27DB4120EA3B2794
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........................+.....tm.........................................................Rich............PE..L...qKZW.........."!.....R...&.......K.......p............................................@A........................@X..........<....................v...2......d....$..T...........................h$..@............................................text...UQ.......R.................. ..`.data...<....p.......V..............@....idata...............X..............@..@_RDATA...............^..............@..@.rsrc................`..............@..@.reloc..d............f..............@..B........................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\x64\SQLite.Interop.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):1137880
                                                  Entropy (8bit):6.585923204543214
                                                  Encrypted:false
                                                  SSDEEP:24576:u1smp+W5MPcaLeaO0PWRgBidFqXlNFwfn6:wsiaBO0PWOB
                                                  MD5:EA1C8AA002182C46D290F4EB11686104
                                                  SHA1:B03CD7BDB72F58BCC2795E7595920E5C7DE38843
                                                  SHA-256:C468569A352D079895F24B3603BDE5B4C548314C4997A2926AB87AE4BCBB9032
                                                  SHA-512:3514987BFD0197B4F249C7C35D6941FBF6EB4031B485218D304B6BA2B13F3A6069CF89ABCE4A0B67D93119742041D9D80F8729EF536CE8DCF76C018CD02DC524
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..................m.....j.8...|............0...`.....{.....}.....x....Rich...................PE..d...G.*S.........." .....l..........h'....................................................@..............................................#..$...<....p.......P.......*...2......X...p................................................................................text....j.......l.................. ..`.rdata...Q.......R...p..............@..@.data...Xe.......@..................@....pdata.......P......................@..@text................................@.. data.....;...0...<..................@..@.rsrc........p......................@..@.reloc..............................@..B................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\x86\SQLite.Interop.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):844504
                                                  Entropy (8bit):6.862492571652191
                                                  Encrypted:false
                                                  SSDEEP:12288:Lr9shsglMJF15Yj43MNB2Yldq3+ZeW45+6/rcxJ9RmlJDs9GJk:n9VRJF15Yc3SgN+4z/UYkgk
                                                  MD5:BEE886BBE490BA09680DE9A3F478F1A0
                                                  SHA1:BFF796A4643FB66D97E348549E38A33C40B698B4
                                                  SHA-256:9340CE95583B8F8275F773672934B5D451C712D765B388E69A243BEB01AE8F8E
                                                  SHA-512:E306811BF9A0B42252F8F9C2E83BF66CBA0A6A7EA14409F79713C04E49465EEEC6DF42A27757D7166FF6CD7951AAC73BD9B244B930F321E99326B31065FA2989
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......C..=..~n..~n..~n...n&.~n...n;.~n...ny.~n U.n..~n...n..~n...n..~n...n..~n...n..~n...n..~nRich..~n................PE..L.....*S...........!.....j...B.......%...............................................w....@..............................#..D...<........................2.......E..@...................................@............................................text.../h.......j.................. ..`.rdata..i............n..............@..@.data....G...P...(...0..............@....rsrc................X..............@..@.reloc...L.......N...b..............@..B........................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\zh-CHS\WebCompanionInstaller.resources.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):20184
                                                  Entropy (8bit):7.041817018257667
                                                  Encrypted:false
                                                  SSDEEP:384:iipxl8UU5qmlG9C6ud3EFP27xWkVbDWRpUmaWstUlAM+o/8E9VF0NyqSG1:iipxlhU7Gnud3gKxnVbDLmaIlAMxkENS
                                                  MD5:1D8076583BCFEE39FEB4420C2A84279D
                                                  SHA1:737DCA3C4029888C4E23319B6ADC03BB8771DBED
                                                  SHA-256:F82D5BF9FE50F17BD2D5E5C54B2F218941C74A15F1BEC53951BB96BC129FE9E5
                                                  SHA-512:044D827B3FB2C73A18FCEE30E84F48C2112E44377B9F58C2DEE4FD3E867F75CCF38DA04850633B5B5373790DEDD12C6E61353684CB2D0B57483AA23621320923
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!.................2... ...@....@.. ...............................V....@.................................H2..S....@...................2...`....................................................... ............... ..H............text........ ...................... ..`.rsrc........@......................@..@.reloc.......`......................@..B.................2......H...........d...........P .............................................................lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet....+.......PADPADPP)6..).........V ......]....}..........-.C.... ...#..S.n....xv.|.-..X:.....V...h...................v..-....1.D|-.. ...?.!..."vAw(...2..C?.9.W.F.^:1;j...p..cv..~...~[...............7...L...2.......................".......

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Application\zh-Hans\WebCompanion.resources.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):45784
                                                  Entropy (8bit):5.707169107371146
                                                  Encrypted:false
                                                  SSDEEP:768:p34u+22ObKL140MIlNZYdodClPGK4VNFKnW9mGc0YW281gsveCfzzjZQ0AMcQjr9:pI2jlwJf1L3nSFNUCgKxnBrntoxr
                                                  MD5:F4C84C8F3B120814D9DC1C02A2D96D5A
                                                  SHA1:F8D18DE1CCF3C8DF703AB6A9705DB7EF77FF2CED
                                                  SHA-256:97DA8558839ACCA438CA0872D8EDDA4B865B9AD4185107E0748CACC387BE1D77
                                                  SHA-512:9093FBD18D6B14A632AB7BA2E152D14EFB4C1732A530590553AECD7F52B94CDD02791DA79EBCC1169CCF6E84599F33E4300EAED96F3A2DB14334B3EED95BFC42
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!.....P... ......>n... ........@.. ...............................}....@..................................m..S........................2........................................................... ............... ..H............text...DN... ...P.................. ..`.rsrc................`..............@..@.reloc...............p..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\BDUpdateServiceCom.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):2894880
                                                  Entropy (8bit):6.916983268484326
                                                  Encrypted:false
                                                  SSDEEP:49152:xMvNfLq1cigqIm9ePTdekCxjGJHzWOsWCP1IYkTzvNr/9qQHi:xMvNlAIm9W8k4jGJ5+IYod/O
                                                  MD5:9C1F9B983C05AFE7B8AE10FDE86B943B
                                                  SHA1:6CB69D90412940B880E48A5A19F86EC313F5643B
                                                  SHA-256:8550F954363A1E0037BA4D9103CB849D9183444FD8500BFC085FFD67024281E8
                                                  SHA-512:D82B418A3AA4ED2BE454285CB54B7204A9E5E5C8AD36858FAFB1ACD7EB682896EEC10C34DCB1011419597432305120BDD7136708DAFE481AA6E0B4403BCBA1E7
                                                  Malicious:true
                                                  Preview:MZ......................@...................................X...........!..L.!This program cannot be run in DOS mode....$........tU.D.;.D.;.D.;.P~8.K.;.P~>...;."z.I.;..`?.U.;..`8.\.;.P~?.Q.;.P~:.R.;.P~=.F.;..`>.u.;.D.;.Q.;..|?...;.D.:...;.Mm..G.;..`2.H.;..|?.N.;..|>.y.;..`>.A.;..`?.F.;..`;.E.;..`.E.;.D...E.;..`9.E.;.RichD.;.................PE..L...Z..a...........!......!..........j.......0!..............................p1......^,...@.........................P.).|.....)......./...............+. @..../..s..`.).p............................).@............0!..............................text...&.!.......!................. ..`.orpc...E.... !.......!............. ..`.rdata.......0!.......!.............@..@.data... .....*..z....).............@....rsrc........./......^*.............@..@.reloc...s..../..t...x*.............@..B........................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\DCIService.exe

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):2851544
                                                  Entropy (8bit):6.737661925597467
                                                  Encrypted:false
                                                  SSDEEP:49152:tpQrtwNHHtM/0df81P3y15MSX/OYFMbGLh31EDjqkkOvKtPOL8dKW5X5AXQJO:U+M6uP3y1+SX/fqGV31YjqxQKUL87c
                                                  MD5:A28E6C9C07D6377DEE0696BFB5561C77
                                                  SHA1:484616A7A6C26F3A0C9B5F983CB94232DCCBE0AF
                                                  SHA-256:CD339535745BF3BF7419F901AACAEEBDF8BDE902AC17718CCB9F8EA84154248F
                                                  SHA-512:99F77BC6DC1BDA7F52625F7FBC3C3DEC9EA721F43D60F4F1A5E5B6D984C5A357E27AD4988FEF1D8FF0B282AEE55885D1B7362FBC84AC3C57468B7002D4B144BE
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......-. .i.N.i.N.i.N.`....N.;.O.m.N.....n.N.;.K.v.N.;.J.e.N.;.M.g.N.}.O.z.N.i.O.o.N...J..N...F.c.N...h.N...L.h.N.Richi.N.................PE..L....m.e.................r!.........Z.!.......!...@...........................+.....,.+...@...................................)......`*..............P+..2...p*..U..@D).p....................E)......D).@.............!..............................text....q!......r!................. ..`.rdata..^!....!.."...v!.............@..@.data........)..\....).............@....rsrc........`*.......).............@..@.reloc...U...p*..V....).............@..B................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\OnlineThreatsSimple.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):228384
                                                  Entropy (8bit):6.695529952833235
                                                  Encrypted:false
                                                  SSDEEP:6144:dpCLjkxuJXc8KJlX5xBRRCC1aZd0ck+Oc7eMLMw:UjkxuJXlKJlXHBcbeMt
                                                  MD5:D5C8DB1EF5BC00AA406326CB2F1B29EC
                                                  SHA1:CC041F2C5771A4D927E5668F663B18992303ACD2
                                                  SHA-256:7C6168F1E8698647B8885A411D4004D60040E86628A1B1BF5C0A598BB5888F7E
                                                  SHA-512:A6F384CD32D7C8845A34AA376C894866A6A6EC0DE7E36A6985967D07E422D7DE2B91BF52DD54D21DE72A39E8C2A65DEF1837AE1F67407CBAF74E262B116838D7
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......p...4.m.4.m.4.m. .n.>.m. .h...m. .i.&.m.f.i.;.m.f.n.!.m.f.h...m. .l.1.m.4.l.].m...d.9.m...m.5.m.....5.m.4...5.m...o.5.m.Rich4.m.........................PE..L......b...........!.....T...................p.......................................u....@.................................T...<....P..l............<.. @...`......D...................................@............p..|............................text...WS.......T.................. ..`.rdata.......p.......X..............@..@.data........0......................@....rsrc...l....P......................@..@.reloc.......`....... ..............@..B................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\WebFilteringSimple.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):185888
                                                  Entropy (8bit):6.61457353282649
                                                  Encrypted:false
                                                  SSDEEP:3072:TdHWEMgubAeKvmGHTDKJtPGQBNjqS9leHTgFF0lo+ghn9vhQfmfjQ7gJIlv:zZubAeqHTalGgNjPvFOo+LUJIlv
                                                  MD5:CF454DB111642FDD96B1088F0BDB900A
                                                  SHA1:8F16E1AC6877AD0391199C66070C10CB84D4E04D
                                                  SHA-256:EA19510B9D3225A4FC8912B827B948215FEE687609795012F6B5AE7FD71E64EE
                                                  SHA-512:477A838CBF05062039119BC47BF639B74F35CF1A2775E1CD4ACF5D2686382C285C2A055BD3CAF21141F496F870F1485000DD877E71386FCA2DEB4F38E1890289
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........o.j...j...j...~...`...~.......~...x...8...N...8...e...8...y...~...i...j..........`......k......k...j...k......k...Richj...........................PE..L.....b...........!................Zv...............................................7....@..........................|.......}..(.......l............... @..........xk.......................m.......l..@...............\............................text............................... ..`.rdata..|...........................@..@.data................l..............@....rsrc...l............v..............@..@.reloc...............|..............@..B................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-console-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12128
                                                  Entropy (8bit):6.586328290750307
                                                  Encrypted:false
                                                  SSDEEP:192:WfAwWOhWrpT71ojDBQABJwqnajLQvTP+8jIrerl:WfVWOhWrSDBRJwlvQyUIrerl
                                                  MD5:3C89C64D591AB2EAF01FBD2253B3A623
                                                  SHA1:99B595ED628983C88EB09C484777EEA666F631B9
                                                  SHA-256:0DD2878A9AAD0D1A64848DB4A1B4E3851FD5BF049C4BA5B726D114FF45FD947A
                                                  SHA-512:BB370BD639C4B2D25C44D153A7DE6DFF7FCB8F8AF644B6B37243FAB1BFF282D8D3F13770E6862CF0B348FF83E6D7F73B3AEF61E575660DEBCE5664CED50BE715
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...@.nU...........!......................... ...............................0......".....@.............................+............ ..................`!..............8............................................................................text...;........................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-datetime-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):11616
                                                  Entropy (8bit):6.583423439449143
                                                  Encrypted:false
                                                  SSDEEP:192:FWOhWOUT71ojDBQABJwY1UqnajMHxxBNT06YeO7BN:FWOhW+DBRJwHlI66YeO9N
                                                  MD5:6DBCAFA7FD0B183040B73E7E1D97674B
                                                  SHA1:4A6F7D5CECA5DD225532D95B743FA7B7B724621D
                                                  SHA-256:289EA86DA94DE73F0F0DE4812CAF7EDA170EE612C72A713B3036B2669813D15A
                                                  SHA-512:E7C4DBF91C27C2D1570529E33C47E0E2B77C636A22F32F2956C9A59B5ACAE8B2721EA5802D85BBD179C7931D1542CA20B526487297BE729698027FFD97D4AC44
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...F.nU...........!......................... ...............................0............@.......................................... ..................`!..............8............................................................................text... ........................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-debug-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):11616
                                                  Entropy (8bit):6.590420646924817
                                                  Encrypted:false
                                                  SSDEEP:192:4WOhWqT71ojDBQABJTwvveqnajsl/cqtm4t:4WOhWrDBRJTw3elPqr
                                                  MD5:D9E02887A85903EE3A4FA7F197865274
                                                  SHA1:F68904FEF682461068EA782F1ED911B124793732
                                                  SHA-256:9487DA37A92B40720EA2AD64EA0C9ADC8B3C7BC4FE1F63A0E03E9C7A18943565
                                                  SHA-512:43FBB849A9A6E41E3B20813EBBE29E9FC233F6C1A7C00F8798F15F5C896BCA7F6906A9A65FBC5569B3D5F901D70AB9A6132F8A9F71193F2D7F5559A607D5CF84
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...U.nU...........!......................... ...............................0......v@....@.......................................... ..................`!..............8............................................................................text...+........................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-errorhandling-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):11616
                                                  Entropy (8bit):6.656679577113797
                                                  Encrypted:false
                                                  SSDEEP:192:GyfmxD3TWOhW0T71ojDBQABJ2ZqnajxcRGlPHSm:GyfYWOhWZDBRJ2Zll7PHSm
                                                  MD5:FCC2E13D7DB99B2F3725046CA7D392D0
                                                  SHA1:14D31BC9070A47CC58342AEDD17B4EAD672DA6EA
                                                  SHA-256:9CC0615A94B0A320F4B675ECCBC3F7B8C279D9F692165AFC6CE0C877F3981B08
                                                  SHA-512:BD9C7F3D97413F14ABFE75CD2C5CFCB5AA39DE05C8F69A2F6BFAC554FDCF0EB0E41A32C34A5E7FE78A2BEE2AD9D4BE2895A33F138F7F0CB9F02DD3725B1893BD
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...C.nU...........!......................... ...............................0............@.......................................... ..................`!..............8............................................................................text............................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-file-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):15200
                                                  Entropy (8bit):6.549960035832701
                                                  Encrypted:false
                                                  SSDEEP:192:zYPvVX8rFTsBWOhWwT71ojDBQABJ9t6qnaj9RlSIFspC:EPvVXbWOhW1DBRJ9t6lBRAIFsI
                                                  MD5:D613BAA29AFA3DB1FAA991876DD382F1
                                                  SHA1:795AD1269848846294563480750C91ABF6BF33AF
                                                  SHA-256:4B2DC152F33CD7D88BEBA8696A57CD0383F05C50D2FB63672664717766762A1D
                                                  SHA-512:A7113A430D39A71AF764DDDDDA81F37F280F795AE88F5AB829523B278F82C1487401316C24700BE4451A162567C282BCF08390A583CCD18B1BAF96CD86AB54B3
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...U.nU...........!.........................0...............................@......b'....@..........................................0..................`!..............8............................................................................text............................... ..`.rsrc........0......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-file-l1-2-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):11616
                                                  Entropy (8bit):6.615715449552321
                                                  Encrypted:false
                                                  SSDEEP:192:HWOhW7T71ojDBQABJ76qnajMHxxBNT06YeOg:HWOhWIDBRJulI66YeOg
                                                  MD5:00D8B4BED48A1BB8A0451B967A902977
                                                  SHA1:F10EF17BDA66D7CAB2840D7F89C6DE022A7B3FF2
                                                  SHA-256:568D7F8551D8B4199DB3359D5145BC4CB01D6D2F1347547F47967EB06A45C3B5
                                                  SHA-512:E248CBC06FC610F315D7EFCADB39B5CB85DFE5D40858768D5AEA8D41B3B4B23EAFE0DB2B38CCE362FD8BA8BC5EB26E9B2DDDC00E2E8615395BCA818ECFE0DECC
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...F.nU...........!......................... ...............................0...........@.............................L............ ..................`!..............8............................................................................text...\........................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-file-l2-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):11616
                                                  Entropy (8bit):6.722987574306036
                                                  Encrypted:false
                                                  SSDEEP:192:tWOhWzT71ojDBQABJUrkqnaj9RlSIFxKV:tWOhWwDBRJ4klBRAIFw
                                                  MD5:534483B0F4A1924B1AE6D7E66B4A4926
                                                  SHA1:4E954316ACD216007F4A0225B138E0C0A04FBBED
                                                  SHA-256:C1BCA1BB524C5AE3D877A099F469B6FC34288BAB26AE7A7F4FC47CD869F4958D
                                                  SHA-512:CFAD2DDF8A9AD67E36E978726D8A12CA26B180F73122B2E8D19A83F73028A050D9F418E7525F576CC3A9601B3369D4494DDDBDE620B4011B7CA8A7EC4B0D1B12
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...:.nU...........!......................... ...............................0............@.......................................... ..................`!..............8............................................................................text............................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-handle-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):11616
                                                  Entropy (8bit):6.618927406863662
                                                  Encrypted:false
                                                  SSDEEP:192:bWOhWxT71ojDBQABJNf+Q2qnaj9RlSIFr:bWOhWqDBRJN2blBRAIFr
                                                  MD5:2BD9500AB908C0E02CA40F19EF647288
                                                  SHA1:DE8CD89FBA64FA131FA842619B10D7D2D8A681D1
                                                  SHA-256:85546A616D5594B884146AA4E13CDBFE841C9D956E648C6EE4840E6F4428BDCD
                                                  SHA-512:1A3C5E306B6BEDC87C250F8CB1B82E2C736A2C0A8E37C67E287914FF49DA88AF21722EFFAD8CC4918D06B303989B09B35EB5D545A590BE9FA8CDBF9028EF75A4
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...F.nU...........!......................... ...............................0............@............................._............ ..................`!..............8............................................................................text...o........................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-heap-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12128
                                                  Entropy (8bit):6.56911031198072
                                                  Encrypted:false
                                                  SSDEEP:192:iS6lWWOhWDzT71ojDBQABJSWcqnajxcRGlPHi:OlWWOhWsDBRJ0ll7PHi
                                                  MD5:2BDCA93251D247E98E0A907BF68FFC7B
                                                  SHA1:84BC13DDA79A309B2FB06499EBA090359DBE7CBC
                                                  SHA-256:8434510E84F5ADE3453CFE086ED08260D309F761ED922BB8FF9ED436D8575D82
                                                  SHA-512:E86EC2CF9E964921A912C1992A01CEB8EAB36F5D29D444D1C9B0B9B2F3FC4A831E4FE034C7676E52C01150BA037CA6F46F7DE669A9AAC5EB8BAE2B848E65E7C3
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...O.nU...........!......................... ...............................0......l.....@.......................................... ..................`!..............8............................................................................text............................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-interlocked-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12128
                                                  Entropy (8bit):6.592215013580638
                                                  Encrypted:false
                                                  SSDEEP:192:ClYsFqWOhW+T71ojDBQABJsgqnajLQvTP+8jIrS:ClYsFqWOhWvDBRJsglvQyUIrS
                                                  MD5:8A6C74B9A1DB0D730AF45BE603D233C8
                                                  SHA1:A6A3E80AFEEFCC9B34703C6A8EA2C0A94FE998E6
                                                  SHA-256:75B8EAE29AB9ACC906AAFAC2A198FE875D34C22B40ACACE1CD6C3486D67333EF
                                                  SHA-512:8F2E6BE6A08E393ACDB7E50687D6E6FAEFA9243855D92018BC9BE5FFEAD022E4DF96D2D51042A1E2D6D2EADCB88E27F7F4AEA8A5314F8FB32C05CB9CEDEDCD99
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...S.nU...........!......................... ...............................0.......-....@.......................................... ..................`!..............8............................................................................text...$........................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-libraryloader-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12128
                                                  Entropy (8bit):6.677642600384801
                                                  Encrypted:false
                                                  SSDEEP:192:BvuBL3B6WOhWryWT71ojDBQABJFvJCeqnajxcRGlPHZ:BvuBL3B6WOhWryXDBRJCell7PHZ
                                                  MD5:A9116F560839DF0C03BE8AD704AB3351
                                                  SHA1:3339421F8CB623B244DDA6E76EC5B6C7D987AF64
                                                  SHA-256:27078BA4E79087A5C1146F35DA386CE043A3C2BBCAED04BD82645EDDB6ED896D
                                                  SHA-512:4BDED31406E6DE3823A72162BA72968047C48F8373B660A431415811052BE622FBF5B4D2123086601440E714DABD703FF0C36ED962590C23144A2E2B00B13FFB
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...H.nU...........!......................... ...............................0............@.......................................... ..................`!..............8............................................................................text............................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-localization-l1-2-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):14176
                                                  Entropy (8bit):6.665276272236548
                                                  Encrypted:false
                                                  SSDEEP:384:5OMw3zdp3bwjGjue9/0jCRrndbZWOhWlDBRJIXlBRAIFn:5OMwBprwjGjue9/0jCRrndbvs1PIjRAW
                                                  MD5:73483CBC229C62E129627ADBF62B0FFE
                                                  SHA1:074CE67665C86355D3218B5E3EA4B1B335095AF8
                                                  SHA-256:13471EB84DB95F8270398EF1DEB29F0EA024DB17E331497545C36EEA7B2A3A7C
                                                  SHA-512:92F06CB8971E29DA7607C6B1D1377F21C7E6F0E4A169AAA08326038D5CDB09422B91F4F2D26A7978521E0EDBB9CF1235E583F2910048C917CCEF8D12C5E1166A
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...J.nU...........!......................... ...............................0.......5....@.......................................... ..................`!..............8............................................................................text............................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-memory-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12128
                                                  Entropy (8bit):6.614199521081865
                                                  Encrypted:false
                                                  SSDEEP:192:oWFWOhW0T71ojDBQABJxAY1hXqnajL1dHx3tKCJAC:DFWOhWZDBRJOY1NlXBtpOC
                                                  MD5:D9E4E446DCCCBFA822059DCD16EDFC41
                                                  SHA1:CDED5E8DBF7A00E080432257F95406F5728E739A
                                                  SHA-256:D70EB06ED4F0C686DDA93F35F065EC5E6249E5C737A24249738314C31F9D5202
                                                  SHA-512:11DEACE1B537FB770281468EFB265D932A22B797EE268FB60D968F2F238CBBEAD6C60114572932732B1FD8D5682C1080E7E927A25F73ED2F5E85640B080A37A3
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...K.nU...........!......................... ...............................0............@.............................l............ ..................`!..............8............................................................................text...|........................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-namedpipe-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):11616
                                                  Entropy (8bit):6.722719847090586
                                                  Encrypted:false
                                                  SSDEEP:192:iWWOhWYT71ojDBQABJz0ymVqnajLQvTP+8jIrf:1WOhWNDBRJzxmVlvQyUIrf
                                                  MD5:BB05CDFFC71AC2B0C0FB2CC35B409EC2
                                                  SHA1:B327AB67107235BEB5FCD1B893A571E21E29F6FF
                                                  SHA-256:36C42192283F129FF5637A06B7C3D72E5ED8E1C77493623384F2BDAC15118F29
                                                  SHA-512:B55CBF2AAA2F7685925C313D4CE73B8635666E5F2F30E2621FEC88F3B526D296E5D1FB5C28BF3EA5E8621B298E01B75542085E9E3D1A966762173A3E53E4240D
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...U.nU...........!......................... ...............................0............@.......................................... ..................`!..............8............................................................................text............................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-processenvironment-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12640
                                                  Entropy (8bit):6.592536159264661
                                                  Encrypted:false
                                                  SSDEEP:192:0vWOhWUT71ojDBQABJWTfqnajMHxxBNT06YeOXw:0vWOhW5DBRJGlI66YeOg
                                                  MD5:14E48E802A6690282EBDE74FD5B78E6F
                                                  SHA1:8CB9ADC2A99C6CA443C2EF0BE6BB093F9059AEB2
                                                  SHA-256:0D10D132CD28B57FB88135D5693BA2C1AACE2FC059D85BDE0318FB9B379B57B7
                                                  SHA-512:710356F5E6D4F6DD7754C72DEFF703B144F91B54E643017C05DC81EBD4150981651E6F3FF20EDED5FCD7ABE0327692E8D6BAB00F454597FC36603BD8389601C3
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...L.nU...........!......................... ...............................0......|.....@......................... ...G............ ..................`!..............8............................................................................text...g........................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-processthreads-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):13664
                                                  Entropy (8bit):6.657804135821121
                                                  Encrypted:false
                                                  SSDEEP:384:ok1JzNcKSI1WOhWzDBRJS/kPlI66YeO7EN:DcKSmS1P1q66MoN
                                                  MD5:F2FA7C391D7671AB11028E85D29AB27F
                                                  SHA1:734CCF57CAB781D367B62D216B6582F3BB89249D
                                                  SHA-256:28DD68501F527BE6BC54F5F374BC33BE983EA7AC640E66E3A56272CD3B9A5655
                                                  SHA-512:3286FD352FB4149151168BABE4B1E44D22E914D950F41C099748E8D3B117ADA86391FB4E0EF5863AAC07B2A08372CCCE0C470642AC8A7C7DBF97EA72AF1D0583
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...U.nU...........!......................... ...............................0.......4....@.......................................... ..................`!..............8............................................................................text............................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-processthreads-l1-1-1.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12128
                                                  Entropy (8bit):6.651268886737345
                                                  Encrypted:false
                                                  SSDEEP:192:79DfIeNWOhWVT71ojDBQABJUqdqnajLQvTP+8jIrnN:79DfIeNWOhWuDBRJhdlvQyUIrN
                                                  MD5:7016BF365A155D29F01A000942A017EF
                                                  SHA1:47E25B97AF56EDBDD20CA72BBA994C6BCF1B81E6
                                                  SHA-256:B5F815D0A41ADD7FD9593036A8E6843FCC221298FEFD61808F960EED3CC19830
                                                  SHA-512:2CD7E88717A2D81811CE03990737888B8A1E9E351DCDAD401FFE5924BDF97BE086BD766A1A5B25411B760CBF81B68BEBD94D915100B6BC1310360813AF11F827
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...N.nU...........!......................... ...............................0.......Q....@.......................................... ..................`!..............8............................................................................text............................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-profile-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):11104
                                                  Entropy (8bit):6.757141506376564
                                                  Encrypted:false
                                                  SSDEEP:192:+oJnWOhWbT71ojDBQABJhvz3xHqnajxcRGlPHen:+oJnWOhWoDBRJhvdll7PHen
                                                  MD5:5B222E79ED442685E509BB3F16E93482
                                                  SHA1:FD9DE440D03D9B57319C49871B15B8468AB961D3
                                                  SHA-256:3902AFF11857535698367D4DB2DFCCDE6168429DEFAC82C15A535B4A07F7CDDA
                                                  SHA-512:1D057F6990F9999B82F086CB4C0547D638504CA0EC3E801240FDEB1A20F84CF2B812D9CCA64786186F6158954EF5677208EB4F0265E300525B8528CDBDF305B0
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...U.nU...........!......................... ...............................0............@.......................................... ..................`!..............8............................................................................text............................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-rtlsupport-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):11104
                                                  Entropy (8bit):6.76933325737081
                                                  Encrypted:false
                                                  SSDEEP:192:1IG5WOhWwT71ojDBQABJpqnaj9RlSIFOwbF:1IG5WOhW1DBRJplBRAIFOw5
                                                  MD5:308AEDD0DD83ACFB5AEC8C60782A4AED
                                                  SHA1:E5027F0828AAF4B24EB6C6396FBF0B15E49355F1
                                                  SHA-256:DB1622A0B0013991D759C7955454A8006AA27F81A8B9B5C37CF2595B15B1B217
                                                  SHA-512:281C9B854B958426D3C23DDA7116AF17A95E4BEC3EB7E4FA85CD1216BB8A2B999A764866E831D1022590DADA7E720D5D930417888F174FC91A3FCE78F3393C1C
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...O.nU...........!......................... ...............................0............@.......................................... ..................`!..............8............................................................................text............................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-string-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):11616
                                                  Entropy (8bit):6.666608120067825
                                                  Encrypted:false
                                                  SSDEEP:192:yMyMvNWOhWPT71ojDBQABJoUqnajsl/cqta:nyMvNWOhWMDBRJFlPq8
                                                  MD5:749B5C0031E0726FA45A3BB9B48B3802
                                                  SHA1:551C7ADF6233B66D9271F5B705AB45D69CB590AA
                                                  SHA-256:7BF7FF35FBCBFC1CB57597ACFB23D2FB13E04E14906F4A626E4E92D689F19CBC
                                                  SHA-512:B7E7D59307AA2432B978484CFCA8E5EA61216C1240BDBD733D4C697609EC371E6F13AEF2A654DE64711371B35DDA2C5C6AE2B13B52E5951B51161D42B2D6ECAA
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...R.nU...........!......................... ...............................0............@.......................................... ..................`!..............8............................................................................text............................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-synch-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):13664
                                                  Entropy (8bit):6.560273780937202
                                                  Encrypted:false
                                                  SSDEEP:192:Gdv3V0dfpkXc2MAvVaoKZWOhWpT71ojDBQABJdBqnajsl/cqtV:Gdv3V0dfpkXc0vVabWOhWSDBRJblPqH
                                                  MD5:2BBC9CF572B18123A0F27F04492C6EA6
                                                  SHA1:216404ED615263BE2271A8DB7C64DAA5D54D9412
                                                  SHA-256:1FF0D9CEFF0F982B7A78EF34C45980B88099067F4468F11FCDD46DBAC00F6DD6
                                                  SHA-512:F59CF115E6FD8F82F5D2B3C871AB0CFE3BD1C8C5493ACA196DA185A3F6E85E6390BCBA1BB32D409BA17C3C032C43308F609DB14180027FAD564DAA0D5F570309
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...R.nU...........!......................... ...............................0............@.............................V............ ..................`!..............8............................................................................text...f........................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-synch-l1-2-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12128
                                                  Entropy (8bit):6.696434650469273
                                                  Encrypted:false
                                                  SSDEEP:192:YttZ38WOhWJT71ojDBQABJFarAyTCqnajMHxxBNT06YeOpFWM:UtZ38WOhWyDBRJErDClI66YeOnT
                                                  MD5:9EFDFFAC1D337807B52356413B04B97B
                                                  SHA1:2590BD486ABCE24312066285FA1C1FEAF8332FE0
                                                  SHA-256:E1A87D7D01E2376DDE81A16658915CCF2ECB692739FEF09ADFB962523756E22D
                                                  SHA-512:B3C164E50D48A78BD08CF365E02E263B97EC2DD3EFCF04914C8677C838E10BE23DF5178A8618E3F2A6FEB6FAA2BB74EAF069E7E2DB7C6E6FD9D0137DCFFBCEAD
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...W.nU...........!......................... ...............................0............@.............................v............ ..................`!..............8............................................................................text............................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-sysinfo-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12640
                                                  Entropy (8bit):6.588164083921983
                                                  Encrypted:false
                                                  SSDEEP:192:XtqUKIMFQWOhWq7T71ojDBQABJONnxqnajMHxxBNT06YeOargRow:XtqUlWOhWBDBRJYlI66YeOaURx
                                                  MD5:B697440BDBBA2E896005DE51943EE0DB
                                                  SHA1:F4F7AB7A1D8E4FA43F83401585E6E83136CB16E6
                                                  SHA-256:B31A83C8CC984C2A7ED9D7C9964F8BA302C1051BC478A3A34B98F4F873A6C011
                                                  SHA-512:81270F3E9A91D001155FB9C7F80132D9611082A68C0F849CE95895DC9835223075531CE11A534DC076D75FB76CDEAE9ABEAC23D371CC0DE8428E8C177D7673D5
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...W.nU...........!......................... ...............................0......A)....@.............................E............ ..................`!..............8............................................................................text...U........................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-timezone-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):11616
                                                  Entropy (8bit):6.747904282517099
                                                  Encrypted:false
                                                  SSDEEP:192:jUWOhWiT71ojDBQABJj6nqnajLQvTP+8jIriNDG:wWOhWTDBRJWnlvQyUIrcG
                                                  MD5:42C72D838C34E4E7164C578A930B8FC7
                                                  SHA1:82D02CB090EB6D81A1499189E4D3E6B82AA60061
                                                  SHA-256:F1667BBDA1B58FC688B422FD2F9F7040919C4ABABE00A4BE78B258CAE2DFC3D3
                                                  SHA-512:1020D6010DCA512ADBC18F44B6453A974A200766013C39F6CB1CD0A72234A241C73587C929F1D0FCADF90C3EB71264086167F05BD7EBCEB5B944F4E4A0811D92
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...T.nU...........!......................... ...............................0......).....@.......................................... ..................`!..............8............................................................................text............................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-util-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):11616
                                                  Entropy (8bit):6.592529685619637
                                                  Encrypted:false
                                                  SSDEEP:192:bWOhWZT71ojDBQABJAqnajMHxxBNT06YeOy:bWOhWCDBRJAlI66YeOy
                                                  MD5:C0B34D2146CD6F6CC2FE345029066EC8
                                                  SHA1:7EE74D35ADE0BACB113CB9E81156083258EDEB8E
                                                  SHA-256:1573AF23A9BA27B2F3703A718749B776AEA67E654C8C9713F92E41A67AE37C79
                                                  SHA-512:46E8CAEE15AC0BE70A4B15E27967CD4464AB5DDE0FF11E192F81E855CED99C8A83F8B5BE5D1B92F6C8AC593090985736F19227F117A20A59F56416B11E3745B2
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...U.nU...........!......................... ...............................0............@.............................9............ ..................`!..............8............................................................................text...I........................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-conio-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12640
                                                  Entropy (8bit):6.6268710535758455
                                                  Encrypted:false
                                                  SSDEEP:192:pj8PWOhWST71ojDBQABJphUzyqnaj9RlSIFK:pjAWOhWDDBRJpYylBRAIFK
                                                  MD5:4296CF3A7180E10AAF6147F4AECD24E4
                                                  SHA1:F81E09AF979A1146774D554783D1A22A03A61393
                                                  SHA-256:147F86FF93D61FEA256B3DE9149E1B36B68A83762E62A3389466218E18359FFC
                                                  SHA-512:60357EDDE6572C5E796F927C3E72C31A96FF700624B7366FDDA64BCF51EE00BF1E9AB477A46D8D3BA7391BA10491E69F745EFEC3607F8F49B6E1A3A3DE7A0648
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...X.nU...........!......................... ...............................0......jG....@.......................................... ..................`!..............8............................................................................text............................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-convert-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):15712
                                                  Entropy (8bit):6.425222272368789
                                                  Encrypted:false
                                                  SSDEEP:192:fpdkKBcyxWOhWWT71ojDBQABJMIqnajsl/cqtt:JuyxWOhWXDBRJXlPqD
                                                  MD5:5C6FD1C6A5E69313A853A224E18A7FAC
                                                  SHA1:10BAE352F09B214EDEF2DC6ADCB364C45FAFDBEC
                                                  SHA-256:3AA0EB4C47AC94B911F1A440324D26EEE8DDF99557A718F0905BFEE3CF56255F
                                                  SHA-512:08C2B1150F6BF505D10085A515BBFAB6C1E18663C6EF75EC988727E3D30210532D03BFBFBB048B1A843D4FAA5D1060F9079E018A9E892BCE03F899A5A85F6034
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...`.nU...........!.........................0...............................@............@..........................................0..................`!..............8............................................................................text............................... ..`.rsrc........0......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-environment-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12128
                                                  Entropy (8bit):6.584062596989429
                                                  Encrypted:false
                                                  SSDEEP:192:kWOhWaT71ojDBQABJIvqnajxcRGlPH6WE5:kWOhWbDBRJIvll7PHC5
                                                  MD5:6A3D5701446F6635FAFF87014A836EEE
                                                  SHA1:7BBC9DB1C9CE70E9FC7B7348A2C96681E5D8265B
                                                  SHA-256:16BA05A1FA928501FFAEE2E9DCE449D28E8FE538DF5EC6D8D1080B610B15D466
                                                  SHA-512:839A1277B6DBB9F2D6E572E1B50B0AD08C93256A1367F36997DB07285AA7B251346499A643A985A22D9A7618635C11964E414073AA7E1BF60D36368829DE8FB3
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...Z.nU...........!......................... ...............................0.......&....@............................."............ ..................`!..............8............................................................................text...2........................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-filesystem-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):13664
                                                  Entropy (8bit):6.642134226840258
                                                  Encrypted:false
                                                  SSDEEP:192:b7q6nWlC0i5C5WOhWWT71ojDBQABJHTTKJqnajLQvTP+8jIrF7:/q6nWm5C5WOhWXDBRJHTGJlvQyUIrF7
                                                  MD5:4EC243792D382305DB59DC78B72D0A1E
                                                  SHA1:63B7285646C72EE640D34CDC200BFC5863DB3563
                                                  SHA-256:56E0BDF91EDB21F5F5041F052723025C059A11360BB745F965A9903DE9C61756
                                                  SHA-512:88F648D45927DB65FF8CEAD4BB1959B1297410BF3F5B3B2783A173D708649260A61470342694DE8B93E9C1657DE64DB43DB40EE71ACC661B03786C0921D68D4B
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...Y.nU...........!......................... ...............................0............@.......................................... ..................`!..............8............................................................................text............................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-heap-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12640
                                                  Entropy (8bit):6.564400972555511
                                                  Encrypted:false
                                                  SSDEEP:192:8Y17aFBRkWOhWXLT71ojDBQABJz5qqnajxcRGlPHisg:9RWOhWXYDBRJ9qll7PHip
                                                  MD5:A51CFB8CF618571215EEBA7095733B25
                                                  SHA1:DB4215890757C7C105A8001B41AE19CE1A5D3558
                                                  SHA-256:6501894E68A3871962731282A2E70614023EC3F63F600F933EC1785400716CE1
                                                  SHA-512:9AE11AB21486DEA1ABA607A4262F62678C5B0E9F62B6A63C76CFDC7698D872D8696FFB1AAAE7AA2E2CF02C1C7EAA53D0CE503432960F4BE6886FAE0DE2659535
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...Z.nU...........!......................... ...............................0......u?....@.......................................... ..................`!..............8............................................................................text...&........................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-locale-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12128
                                                  Entropy (8bit):6.677315318089621
                                                  Encrypted:false
                                                  SSDEEP:192:iWOhW6UT71ojDBQABJmRqnajsl/cqt0AEV1:iWOhWQDBRJmRlPqubV1
                                                  MD5:8D097AA5BEC8BDB5DF8F39E0DB30397C
                                                  SHA1:56F6DA8703F8CDD4A8E4A170D1A6C0D3F2035158
                                                  SHA-256:42C235914844CE5D1BB64002FCA34A776AE25EE658FC2B7B9DA3291E5DEF7D4D
                                                  SHA-512:A891536E2A362FC73472FA7F5266CE29E8036959701BC0862F2B7EA5865DCD1505615EDC8E064FB2F7AAA1B129E48422EFE7B933B01FAED9C2AFADD8A64452DC
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...Z.nU...........!......................... ...............................0......h.....@.............................e............ ..................`!..............8............................................................................text...u........................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-math-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):22368
                                                  Entropy (8bit):6.188429412305562
                                                  Encrypted:false
                                                  SSDEEP:384:n47isbM4Oe5grykfIgTmLOWOhWB9DBRJelXBtpObE:41Mq5grxfIn+c91PkKE
                                                  MD5:AB87BDAE2F62E32A533F89CD362D081C
                                                  SHA1:40311859DD042A7E392877364568AAD892792BA9
                                                  SHA-256:0439703E47C8FCE1F367F9E36248A738DB6ABCD9F2DD199CB190D5E59ED46978
                                                  SHA-512:DBE0073DA8979F3D32204680015B60435226840E732B5DF964DBEEB7920C0BC5DF92D866964F905518C97CC3539F628664503FFA64E50A2EF90C459B62555444
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...X.nU...........!.........................@...............................P............@..............................+...........@...............6..`!..............8............................................................................text....,.......................... ..`.rsrc........@.......2..............@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-multibyte-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):19808
                                                  Entropy (8bit):6.18946421950789
                                                  Encrypted:false
                                                  SSDEEP:384:iy+Kr6aLPmIHJI6/CpG3t2G3t4odXLlWOhWrDBRJ2pll7PHI:iZKrZPmIHJI6Bq1PUo
                                                  MD5:169E20A74258B182D2CDC76F1AE77FC5
                                                  SHA1:FCE3F718E6DE505AC910CB7333A03A2C6544F654
                                                  SHA-256:224F526871C961615DE17B5D7F7BBEF2F3A799055CAB2C8E3447B43C10C25372
                                                  SHA-512:0881C8704421A5F6E51ABD22C55608DD7FB678491682CE86066E068B1973EBF11D6C2163BE610A49F87E800C8563EBB41ABFE36E1913D7D0B8485FD29ED81BF7
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...Y.nU...........!.....$...................@...............................P.......@....@.............................. ...........@...............,..`!..............8............................................................................text....".......$.................. ..`.rsrc........@.......(..............@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-private-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):64352
                                                  Entropy (8bit):5.548808567064281
                                                  Encrypted:false
                                                  SSDEEP:1536:KaYDe5c4bFAcvxXWpDid3334BkZnGPMwPn7+9:6De5c4bFAcvxXWpDid3334BkZnGPMwP2
                                                  MD5:682BF6B9C07A64929A4484DB51D6C13D
                                                  SHA1:07672CE8F08DB3B1D745B71E9DB3E4729C70793C
                                                  SHA-256:BDD0CCA431EE362BED4F2C1ECCAFB22AA8DD51D57014BE8297789175E5C11F2E
                                                  SHA-512:E4AE0FC24114A58BAEDE8443CB9275811C12A321AC898CDA89EFBD07474B8E60A564C55BBD82E37F521BF46B05FC1CA876F9B33F6D4BBBAED9FE0F03C937FCE1
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...X.nU...........!................................................................a.....@.............................................................`!..............8............................................................................text............................... ..`.rsrc...............................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-process-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12640
                                                  Entropy (8bit):6.589445465477159
                                                  Encrypted:false
                                                  SSDEEP:192:nRQqjd7xWOhW8T71ojDBQABJkoHqnajLQvTP+8jIrrNX:nKAWOhWRDBRJkMlvQyUIrrV
                                                  MD5:3838DD55B0237AF0FBAC474ABB6614CC
                                                  SHA1:0C47256F4A29BC3FA889B5FBE0B1F2D712ACF4ED
                                                  SHA-256:51862322AE3354F254045545B4FF64B7445BC99107B4526C3430DE9CE5C60D88
                                                  SHA-512:CCA018899156601146C5C6AA747603A62D70E3DBBBBDE377B06A78F3D0F2D83F11D7F3DB71D239F4AD8CE2E38B92C93175D2AF5AF56905F87A755B8DD59B7836
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...Y.nU...........!......................... ...............................0............@.............................x............ ..................`!..............8............................................................................text............................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-runtime-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):16224
                                                  Entropy (8bit):6.474363534458307
                                                  Encrypted:false
                                                  SSDEEP:192:90CjfhrpIhhf4AN5/jivWOhWXT71ojDBQABJBkQgqnajxcRGlPHei8:9b7hrKMWOhWkDBRJBEll7PHQ
                                                  MD5:49363F3CF4671BAA6BE1ABD03033542F
                                                  SHA1:E58902A82DF86ADF16F44EBDC558B92AD214A979
                                                  SHA-256:505D2BDE0D4D7CD3900A9C795CB84AB9C05208D6E5132749AB7C554CCD3C0FCC
                                                  SHA-512:98E78A607CFBB777237DC812F468EC7A1ABCBA9472E20A5780DFC526F7992DA1841FCD9E2F76F20FA161240007F185C7FBDC120FB4C3C1F2B90FDAD5913D65DD
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...Y.nU...........!.........................0...............................@......h.....@..........................................0..................`!..............8............................................................................text............................... ..`.rsrc........0......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-stdio-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):17760
                                                  Entropy (8bit):6.391701840073475
                                                  Encrypted:false
                                                  SSDEEP:192:5FbNpuWYFxEpahvWOhWQT71ojDBQABJ/EXqnajL1dHx3tKCJAfg7:LUFVhvWOhWVDBRJclXBtpOfm
                                                  MD5:BE16965ACC8B0CE3A8A7C42D09329577
                                                  SHA1:6AC0F1E759781C7E5342B20F2A200A6AAB66535E
                                                  SHA-256:FCD55331CC1F0FF4FB44C9590A9FB8F891B161147A6947CE48B88BF708786C21
                                                  SHA-512:7BA55FA204D43C15ACA02031F584B3396BB175365DAD88E4047B8A991F1F1DDD88D769E4D8CB93EE0ED45E060A1156E953DF794F9CB8BB687C84C4A088DA2EDF
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...Y.nU...........!.........................0...............................@......1.....@.............................a............0...............$..`!..............8............................................................................text...q........................... ..`.rsrc........0....... ..............@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-string-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):17760
                                                  Entropy (8bit):6.3772354907724695
                                                  Encrypted:false
                                                  SSDEEP:384:2iFMx0C5yguNvZ5VQgx3SbwA7yMVIkFGl7WOhW0DBRJglI66YeOtOk:26S5yguNvZ5VQgx3SbwA71IkFid1P56x
                                                  MD5:3EAE6D370F2623B37EC39C521D1F1461
                                                  SHA1:86D43E2E69B2066333E4AFA28A27C7A74FF89991
                                                  SHA-256:CE74BDC6999D084A1B44B2ECEA42DD28849B2825D7779EFFDC4C18360308B79B
                                                  SHA-512:30B2B6CF5CD1BBDF68DE048E6D992133FE7AB0C847FA0D5EB8C681A9688D60794621A40178451A104036A0FFF2E1BD66A18D9F96BE6B28DBDC0BC1C8A535FC85
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...].nU...........!.........................0...............................@.......4....@..........................................0...............$..`!..............8............................................................................text............................... ..`.rsrc........0....... ..............@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-time-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):14176
                                                  Entropy (8bit):6.536472462531097
                                                  Encrypted:false
                                                  SSDEEP:192:uamDOWOhWKT71ojDBQABJUBXqnajL1dHx3tKCJAH:l/WOhWLDBRJUtlXBtpOH
                                                  MD5:A440776E10098F3A8EF1C5EACA72958E
                                                  SHA1:7B8662714F6E44FB29A4224A038E4127964003E9
                                                  SHA-256:40D8BC312AC7BCA072703E5F0852228CDE418F89BA9AD69551AA7A80A2B30316
                                                  SHA-512:B043CD020D184A239510B2607C94210DC5FDC5D2A2B9285836BDCE8934CC86A1CC3F47A2F520B15DB84F755AC2E7C67E0247099648D292BBD5FB76F683D928DF
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...Z.nU...........!......................... ...............................0.......x....@.......................................... ..................`!..............8............................................................................text............................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-utility-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12128
                                                  Entropy (8bit):6.670008463006746
                                                  Encrypted:false
                                                  SSDEEP:192:jfHQduLWOhWnT71ojDBQABJcGqnajMHxxBNT06YeOh0:jf9WOhW0DBRJcGlI66YeOi
                                                  MD5:A0A883E26BE6800508162E2A898148D9
                                                  SHA1:4F79892E7766CB7831211864978575598C86A11B
                                                  SHA-256:9753AE83536767C73E340C36C5F1610BC76A3E67E033B07503EC31431CBA7B90
                                                  SHA-512:70904F2FD074073AEBCF665178B34CF7F0F42CED7223CA296F7F202F6FA0175ACE2832D9802F5BFF4D67891CA09AE14FAC47420D69107E72AA44B541A190F6C3
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..L...Z.nU...........!......................... ...............................0............@.............................^............ ..................`!..............8............................................................................text...n........................... ..`.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bddci.cat

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:data
                                                  Category:dropped
                                                  Size (bytes):9946
                                                  Entropy (8bit):7.147674409917281
                                                  Encrypted:false
                                                  SSDEEP:192:3D+/yPJCKTXooyKfPFWQFS83v480Hy5qnajsTU5SR:lxrPFRE8/4sluU0R
                                                  MD5:4C62608E0E96006123CEADFFDC36E72F
                                                  SHA1:DDD70A6A42F0B5D5D79C54552AECA852610FD8F0
                                                  SHA-256:5F46A05FA0785C125F0CC114A0ACCC6EF798796DF0F1897A05660C02FB7C04E9
                                                  SHA-512:A62808516B5B3E65B1A757773A0802AD0539E3A8234812814477AE6BCE6BCAABA28CF50FEFC7D909669E6131F09A38639B7C600A7E452D12042B7EC0D191624F
                                                  Malicious:false
                                                  Preview:0.&...*.H........&.0.&....1.0...`.H.e......0.....+.....7......0...0...+.....7..........jmG..#..&...210826120621Z0...+.....7.....0...0..}.R7.4.D.5.D.C.6.8.F.3.C.C.A.C.8.7.8.D.A.8.4.0.9.E.2.E.6.C.C.E.C.E.E.6.2.B.F.9.A.7...1..%06..+.....7...1(0&...F.i.l.e........b.d.d.c.i...i.n.f...0@..+.....7...1200...O.S.A.t.t.r........2.:.6...0.,.2.:.1.0...0...0E..+.....7...17050...+.....7.......0!0...+........t..h.....@..l...+..0b..+.....7...1T0R.L.{.D.E.3.5.1.A.4.2.-.8.E.5.9.-.1.1.D.0.-.8.C.4.7.-.0.0.C.0.4.F.C.2.9.5.E.E.}....0....RF.D.4.E.8.1.1.9.2.F.B.9.A.F.1.9.D.5.D.4.7.E.1.1.D.E.C.E.3.9.C.1.D.4.1.B.0.5.1.A...1..-06..+.....7...1(0&...F.i.l.e........b.d.d.c.i...s.y.s...0@..+.....7...1200...O.S.A.t.t.r........2.:.6...0.,.2.:.1.0...0...0M..+.....7...1?0=0...+.....7...0...........0!0...+.........N../.....~...9.....0b..+.....7...1T0R.L.{.C.6.8.9.A.A.B.8.-.8.E.7.8.-.1.1.D.0.-.8.C.4.7.-.0.0.C.0.4.F.C.2.9.5.E.E.}.......;0..70J..+.....7....<0:.&.Q.u.a.l.i.f.i.c.a.t.i.o.n. .L.e.v.e.l........1.0.0.0...0$..+

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bddci.inf

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:Windows setup INFormation
                                                  Category:dropped
                                                  Size (bytes):4587
                                                  Entropy (8bit):4.99150407247473
                                                  Encrypted:false
                                                  SSDEEP:96:udXrNW2qu5Z5u5j5h5A54FPO9EyNQkF9pSYzONz1oWO9WuS:u1pZ3k5zaEO9E4PFSYSNxov9HS
                                                  MD5:29ED28D5B82805736D39636A7209E0DC
                                                  SHA1:74D5DC68F3CCAC878DA8409E2E6CCECEE62BF9A7
                                                  SHA-256:2A46F7858DAC6A5A2A9AEDD13ABAD17D2ACED6BDD8E7C8A89F99C9E62C3F169E
                                                  SHA-512:AF7C5F67754D8790D8A0CCA630C77912724DB3D6C9F4D2C7A0A3D76CF217A76CC2FBAB698A05C598A3C07A7B76B19B5B27F412B2A731BF14951F0D2A65D229E0
                                                  Malicious:false
                                                  Preview:;;;..;;; BdDci..;;;....[Version].. Signature = "$WINDOWS NT$".. Class = WFPCALLOUTS.. ClassGuid = {57465043-616C-6C6F-7574-5F636C617373}.. Provider = %Bitdefender%.. CatalogFile = bddci.cat.. DriverVer = 08/25/2021,14.3.38.705....[SourceDisksNames] ; "Used by SourceDiskFiles to express where those files are located".. 1 = %DiskName%,,,""....[SourceDisksFiles] ; "In order for a driver file or an application file to be included as part of a signed driver package".. bddci.sys = 1,,....[DestinationDirs] ; Specifies the destination directory for all copyfiles in this inf... DefaultDestDir = 12 ; 12 = \Drivers folder.. BdDci.DriverFiles = 12 ; 12 = \Drivers folder....[DefaultInstall].. CopyFiles=BdDci.DriverFiles..[DefaultInstall.Services].. AddService = %BdDciServiceName%,%SPSVCINST_ASSOCSERVICE%,BdDci.Prevention.Service....[DefaultInstall.Detection].. CopyFiles=BdDci.DriverFiles..[Defa

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bddci.sys

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (native) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):514976
                                                  Entropy (8bit):6.688592219019769
                                                  Encrypted:false
                                                  SSDEEP:6144:1wtkVx3vTHwqO9eG7RPR1JefV1GdWJKSnqTYtsSB6zE3L0Pq82xF7F7nuO8t6s55:1wKtPkp72xF7F7gtdsrOt48PfcaqupoG
                                                  MD5:5E77DDC9FEC7046BAEA4784F032EF334
                                                  SHA1:F059E32FD5050FB35CB35A613EADBC928F673ECB
                                                  SHA-256:0F41B8DD0D41E750EBBE1EC66D8E4519119AB906E4BC01A33A9FB0C5B0AD5F30
                                                  SHA-512:B2A2C1FF7F6C3A056081E393734D5DD2B7B8FC9E067467C3FCC45909DF6E7AE2ECC8F7FFA8F9117FE9E2BD7FD045D64BA1FA80C00D52D055C27667AFD2399076
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........q.....[...[...[.{.Z...[.hr[...[.he[...[.{.Z...[...[...[.{.Z...[Gd.Z...[Gd.[...[Gd.Z...[Rich...[........................PE..L....#&a.................&...................@....@..................................[.....E.................................e..x.......`................!.......G...a..T...........................8b..@............@..P............................text...c........................... ..`PAGE......... ...................... ..`.rdata...5...@...6...(..............@..@.data................^..............@...INIT....7............d.............. ..b.rsrc...`............f..............@..B.reloc...G.......H...r..............@..B................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bddci_core.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):1367072
                                                  Entropy (8bit):6.5604556241080365
                                                  Encrypted:false
                                                  SSDEEP:24576:Oxoxyqqw0RaqtPo6nf+nUE0SzVMTHJUghNWqmjpy/om:QoYqiEGoY+nUE0CVMTHqgzWBVy/9
                                                  MD5:787E3F15F86329C7330C72197ECFA7F7
                                                  SHA1:B8B031E62ACE433D82619092A599D628DDE99A45
                                                  SHA-256:24D43211728E462DD8F50A1EEAF7016738BC3C641D4818F8B2E4CA2F59DC175F
                                                  SHA-512:B8989D6AA6173AE1BE14C064DC0B764FF9893AB38D98FB26D9E233F445307442B48813C03DD6B7531E1BA60B1CD5B3A7EA85B9FD79E0226412431AAD24E08183
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........V.fd..fd..fd...g..fd...a..fd...`..fd...`..fd...g..fd...a..fd...e..fd..fe.=fd.H.a..fd.H.m..fd.H.d..fd.H....fd..f...fd.H.f..fd.Rich.fd.................PE..L....#&a...........!.........................0......................................rj....@A........................@Q..p....Q..d.......0............... @..........X...................................@............0..0............................text............................... ..`.rdata.......0...0... ..............@..@.data....v...`...d...P..............@....rsrc...0...........................@..@.reloc..............................@..B................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bddci_install.cmd

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):113
                                                  Entropy (8bit):5.024399016495459
                                                  Encrypted:false
                                                  SSDEEP:3:mKDDGQWT0yOA59bR1GqWREEGRMGMily6ZhwKML5r:hSnJOrEE6RVtG
                                                  MD5:E53B0CDFA47603A767603BA0D7D88D5F
                                                  SHA1:E4954AC71F948F6CDE020CEC724C5E40079F1710
                                                  SHA-256:B6F48EC300DFA6C1B9465A1758960CC22E43C1C9E8BC9080B54B1355752C85A2
                                                  SHA-512:861BC7E89D56FC498C8D9D362F775FF1005FE23BDD9A7DCF76682CF3D39ECF13342C52BE1A527995EC47FD2CBD01F91E91F09F4094A0CB04903C9FB1B11921AE
                                                  Malicious:false
                                                  Preview:@echo off..pushd %~dp0..RunDLL32.Exe syssetup,SetupInfObjectInstallAction DefaultInstall 128 %CD%\bddci.inf..popd

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bddci_install_boot.cmd

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):110
                                                  Entropy (8bit):5.05232264138167
                                                  Encrypted:false
                                                  SSDEEP:3:mKDDGQWT0yOA59bR1GqWREEGRMZiEly6ZhwKML5r:hSnJOrEEMEVtG
                                                  MD5:EB7FD87467EBED250DDF9205BBFCF35A
                                                  SHA1:AD6B37B514DFFC0BAE6D5046C2B34ADFD354AA32
                                                  SHA-256:49AC42D63849F3FC001AE109C63578A43778E97EEF8696EFE7CBA9FB03FE820D
                                                  SHA-512:64A4E216A9EAF6804DFA273AECFB8F7B7BD513EDEC4D75AF1C4C7370E5C5CACC0209475ABE40587A5A8003462AA2F4678E8518D96413C3FDD84220589AB01773
                                                  Malicious:false
                                                  Preview:@echo off..pushd %~dp0..RunDLL32.Exe syssetup,SetupInfObjectInstallAction BootInstall 128 %CD%\bddci.inf..popd

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bddci_reinstall.cmd

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):216
                                                  Entropy (8bit):5.127188347659828
                                                  Encrypted:false
                                                  SSDEEP:3:mKDDGQWT0yuJqpsgLA5vRpMKz6yEly6ZhwKMLRA59bR1GqWREEGRMGMily6ZhwKf:hSnJGqpsgLQXdEVt4rEE6RVtfn
                                                  MD5:C0D4FA051CFCE46BD180B8E1611FE221
                                                  SHA1:DCE6714DCFB8A5986A74D7997994BC8A7A74D691
                                                  SHA-256:681BAF813771192AAF8853BB0DD3773DA610B429F875CB93A501968DD886EC22
                                                  SHA-512:AAC3C218B41C5A90F81A7E9EEFCEAF9F8854763F254A495AA5455BCBA3D97231DD8AA02B35D43880C1F4A094B5FC0965109B267C4DA15B3682D062DA6D9ABC3E
                                                  Malicious:false
                                                  Preview:@echo off..pushd %~dp0....call bddci_stop..RunDLL32.Exe SETUPAPI.DLL,InstallHinfSection DefaultUninstall 128 %CD%\bddci.inf..RunDLL32.Exe syssetup,SetupInfObjectInstallAction DefaultInstall 128 %CD%\bddci.inf....popd

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bddci_reinstall_boot.cmd

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):213
                                                  Entropy (8bit):5.153467971136594
                                                  Encrypted:false
                                                  SSDEEP:3:mKDDGQWT0yuJqpsgLA5vRpMKz6yEly6ZhwKMLRA59bR1GqWREEGRMZiEly6ZhwKf:hSnJGqpsgLQXdEVt4rEEMEVtfn
                                                  MD5:D689035E2D21C5D672CA0FA99B1D6FF9
                                                  SHA1:F21E0181303F0FB4A7C82EB76CCF9A5B4AD446E9
                                                  SHA-256:2ED8F11755D68E6E381914AE35995F815168B87948043D3871ED50D638F457AD
                                                  SHA-512:A50BAC4C7AA8A9F3334626F2C0A6DFC0B3D54D402A7E8276C21B9335009430F19DF7B244DAB00F6FDE538E345FECA09996BAF7927FDF0F4134E2D5DA3A94E8C4
                                                  Malicious:false
                                                  Preview:@echo off..pushd %~dp0....call bddci_stop..RunDLL32.Exe SETUPAPI.DLL,InstallHinfSection DefaultUninstall 128 %CD%\bddci.inf..RunDLL32.Exe syssetup,SetupInfObjectInstallAction BootInstall 128 %CD%\bddci.inf....popd

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bddci_start.cmd

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):61
                                                  Entropy (8bit):4.3212158708844575
                                                  Encrypted:false
                                                  SSDEEP:3:mKDDGQWT0yVTBBn:hSnJVT3n
                                                  MD5:D1AAA0351E290303C8F2773E4444E5DD
                                                  SHA1:757E10E1FDC2919A10BAE72D215A1324F4ABA4E6
                                                  SHA-256:B356443280684F01A3666021662821EB9130EAB58EBE48A400726E7D82591F5B
                                                  SHA-512:7468CE3E229AAD292897BA3F531479D4764A38E1E6B58E3FD4AB9E5232FE6CAF9E040D8F742785B85802C4D4BAEF9598EBC78BDA92D525DA10C6C88AD5D7E2DF
                                                  Malicious:false
                                                  Preview:@echo off..pushd %~dp0..net start bddci..sc query bddci..popd

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bddci_stop.cmd

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):60
                                                  Entropy (8bit):4.235546013316953
                                                  Encrypted:false
                                                  SSDEEP:3:mKDDGQWT0yVO9rCBBn:hSnJVz3n
                                                  MD5:18D3A452985E52AA8ADFF7737F116EEE
                                                  SHA1:3CE81B54F7C3A913509FCC78538CE239C6D41CB0
                                                  SHA-256:D42E07D8BD6FD9536552704B3556EF3DCC1C43B89E7BF0A4DEF59784391A9098
                                                  SHA-512:D3F337C26690258A3D1D02B555CAF1463FE49C9EA8AD51496EAC8E425AFE65952C2EA870798C2038282E196DBB9E4719FE7FD8742F8488F4B55E7687ED59896E
                                                  Malicious:false
                                                  Preview:@echo off..pushd %~dp0..net stop bddci..sc query bddci..popd

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bddci_uninstall.cmd

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):110
                                                  Entropy (8bit):5.130096791944795
                                                  Encrypted:false
                                                  SSDEEP:3:mKDDGQWT0yOA5vRpMKz6yEly6ZhwKML5r:hSnJOQXdEVtG
                                                  MD5:32A10363F7CEF5F479734E468FAA54E9
                                                  SHA1:CCCB9C13D1F2A371443FAB4C8EFF346F54C764F5
                                                  SHA-256:E7CBA9FE65F75C973818ED70EBD764EA47B05956B7390DC8942AD6C5D150CE8E
                                                  SHA-512:B48B604312026442CEF5D6D6C437D9B202B97CB72506EE18FEDBC2DDCF8B97B7E6A575626432B3467DB25FEB0DB7F2F1EF5053EE1FDBAAD7A30866F583F74FEB
                                                  Malicious:false
                                                  Preview:@echo off..pushd %~dp0..RunDLL32.Exe SETUPAPI.DLL,InstallHinfSection DefaultUninstall 128 %CD%\bddci.inf..popd

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bddcihttp.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):2376224
                                                  Entropy (8bit):6.698759684275736
                                                  Encrypted:false
                                                  SSDEEP:49152:VC0U2o0WrUbHxkBfQcfguHeDf7smVaSkF1UcDTYGZSgZsTmh5c1:VPGtQkHecSk3UcoGmz
                                                  MD5:F66029EC83576428B20CDE5A32E24C43
                                                  SHA1:05E4C7CAF1E123F67C999DA1A99AA7AD07896046
                                                  SHA-256:EABA389587402DCECC042810F69139685A6AF9B872D778750A789209621D1F90
                                                  SHA-512:3F0830A0756AF08639069D2B69257ADC48410A5E08F9E25C0572C84C4327277739BE15688F34D71B93710429ED8CE15372CE78F2EFEBE1005E98F07D3F22CD8E
                                                  Malicious:true
                                                  Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.........A<K./oK./oK./o_.,nF./o_.*n../o_.+nP./o..+nC./o-..oJ./o..+nZ./o..,nR./o..*n../o_..nF./oK..o../o..&nd./o../nJ./o...oJ./oK..oJ./o..-nJ./oRichK./o................PE..L....Y.d...........!.........t..............................................P$.......%...@...........................".......".x....`#...............$. @...p#.......!.....................@.!.....h.!.@............................................text.............................. ..`.rdata...H.......J..................@..@.data....`...."..L....".............@....rsrc........`#......$#.............@..@.reloc.......p#......*#.............@..B........................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bdnc.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):1997344
                                                  Entropy (8bit):6.754349511406938
                                                  Encrypted:false
                                                  SSDEEP:24576:X4/sAkx4It2YxQiLOgr3OPwwne/hh9jPz6aC2gV0eS+cqN8za3Zv97Ci9Q/rC351:XjxjtJQX8hVCBV0eIeq1w32TKfpAw
                                                  MD5:BEF663C7DB6CE506CBB50CCED9A11A2F
                                                  SHA1:21EEB150BDF3051ABAF6393C99E97FF7A34525C4
                                                  SHA-256:24E4A501A7C9BF0D6AFBC9F01D98A88AB83FFFA3F6DA43DA37B684F580E9D7FD
                                                  SHA-512:DF90FB36DC2DAA6D38E9907AA6B07A9D51D58E46D7FE892BE1E6E908440DAD8B8A29A7D19E6D86A8C2C872238D74BFD70566871DFFB8DCCAA2C1D6A32A4B5E03
                                                  Malicious:true
                                                  Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$........*...K.}.K.}.K.}.;.|.K.}.;.|KK.}S<z}.K.}S<.|.K.}S<.|.K.}S<.|.K.}.;.|.K.}.;.|.K.}.K.}>K.} ..|.J.}.<.|.K.}.<.|.K.}.<x}.K.}.<.|.K.}Rich.K.}........................PE..L.....a...........!................................................................\.....@.............................p............................:.. @..............p...........................8...@...............$............................text............................... ..`.rdata..............................@..@.data............V..................@....rsrc................N..............@..@.reloc...............R..............@..B........................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bdnc.ini

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:ASCII text
                                                  Category:dropped
                                                  Size (bytes):108
                                                  Entropy (8bit):4.584132838074214
                                                  Encrypted:false
                                                  SSDEEP:3:RwCKXF83Mnmz8BCjY9kHvGPbGymjyRZF:BE7mz8KYeGbGym4ZF
                                                  MD5:153E80B1EC9BAEC5619ACEEBFDE340C6
                                                  SHA1:5374991113BD75BC60DF99B372E61DEB6D5340EF
                                                  SHA-256:C7890B7AA3FBE8AAEF3CFFD4215B870489A54C9E450B1A91A8021D48BE3547BA
                                                  SHA-512:3FCE1BD79FD944554DCB09E74E33A01F443A358FD3B42334926E8C9DC385C9F717BB9D48F022E5B4A7486AD7A091246C4EEF64CF212BA29812D967F60934E2D2
                                                  Malicious:false
                                                  Preview:BootstrapServer = nimbus.bitdefender.net..# LogFile = bdnc.log..# ProxyName = .# ProxyUser = .# ProxyPass =.

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bittorrent.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):94752
                                                  Entropy (8bit):6.59207031871241
                                                  Encrypted:false
                                                  SSDEEP:1536:wAW3xF16mcNmDt9hkH5XvXy/T4/0esWpcdF7Zit1UH7yw1g5xFn6X3heV:lmcNm5fkH5oE0fF7Mt1UH7L1w7V
                                                  MD5:F10D1AF7250925D6E5280F0EF1764B4E
                                                  SHA1:B2F0D0B6F6FC0006B5D84FB84A1CA9BB8DCAED29
                                                  SHA-256:1C283CC9B21A2391856E01CE5DE0ACDC14829951E7BE7ED1497812683FCDF24B
                                                  SHA-512:018EB528DC2541F72EC642A68DCFB96C53B653692B9622291A2EBDCDD547BF1E9C464705D2B537ADB0D88470532FA5CFD1EE7C8F1FAD802C876577D2313E8384
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........t.@h..@h..@h../...Hh../...>h../...Rh...3..Qh...3..Vh...3..Oh../...Eh..@h...h..3..Bh..3..Ah..3..Ah..3..Ah..Rich@h..........PE..L.....n\...........!................................................................[.....@.....................................<....P...............2.. @...`..X.......T...............................@............................................text...7........................... ..`.rdata...f.......h..................@..@.data...<.... ......................@....gfids.......@......................@..@.rsrc........P......................@..@.reloc..X....`....... ..............@..B................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bridge_install.cmd

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):167
                                                  Entropy (8bit):5.102379914131941
                                                  Encrypted:false
                                                  SSDEEP:3:mKDDGQWT0yB83vQXAtlNdfDZj4I5pEIRfT8ZEEyAZ51AUmhMW4crWarA5Mn:hSnJB83vQQtlNj5TL65yULWRCGjn
                                                  MD5:996CD85E5F005D76E1B7F6033AD3840F
                                                  SHA1:D2111E0E5CDB4FBCF0C7220D4BFDF71CB495FB60
                                                  SHA-256:328A059D0FD3BBFCE208BD5DF73D14D0B56B2C0EE79BF7E6E2017211150655C1
                                                  SHA-512:8F1C15E4C0E274E548843D102CF8A722EEDFDC098AD36AE45BF0A84F70C96360E7704A25E0CD7067191E594FA6931F46FF0ADD09DEB7F8BE8F38DF1873B0F81F
                                                  Malicious:false
                                                  Preview:@echo off..pushd %~dp0..sc create DCIService binPath="C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe" DisplayName= "DCI Bridge Service"..popd

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bridge_start.cmd

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):49
                                                  Entropy (8bit):4.445644282581652
                                                  Encrypted:false
                                                  SSDEEP:3:mKDDGQWT0yBsns2yAB:hSnJBsZB
                                                  MD5:95E8C6CD0A911F1AB4969C06B8CF77A2
                                                  SHA1:BE1B1F8ABD0420F59ECAB7BCF8120CDC2CE34195
                                                  SHA-256:DE795F6D8591577054813BEE79E7C5B4EE13360039D29AA73971C6B985D26EBD
                                                  SHA-512:E5EEFAF761BE7BF3CEA207E22E98398093FA0A9D3B459AF7DF22BFBF07755816737A7B8B261ACF01AEC8B10B5D8F0D90132A4ECDD83C242B2CDE883039FAC1FF
                                                  Malicious:false
                                                  Preview:@echo off..pushd %~dp0..sc start DCIService..popd

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bridge_stop.cmd

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):47
                                                  Entropy (8bit):4.323220703147271
                                                  Encrypted:false
                                                  SSDEEP:3:mKDDGQWT0yBs0bbnXA0vQB:hSnJBs0vnX9U
                                                  MD5:2D655B2F0502E2E7DEA4154A8C801219
                                                  SHA1:E20FE8994AD78028516BFDFA1804C3BC8CF19D6F
                                                  SHA-256:93CEBF47CF6FC0088D589B62BF805F371E5EBF12639EB4DAB9F21E753D1BB8AC
                                                  SHA-512:7F6009BD8C5EFB4A60191574CF850AC5F83BFF2F9A38F148206A566F4BAA0E82EE9ABE0C358CFF57F27EC5727685FBAE5A3F03D77A920EF438801F70E06FCC6F
                                                  Malicious:false
                                                  Preview:@echo off..pushd %~dp0..sc stop DCIBridge..popd

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\bridge_uninstall.cmd

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):73
                                                  Entropy (8bit):4.752922463132331
                                                  Encrypted:false
                                                  SSDEEP:3:mKDDGQWT0yB7s5vw414NaDw9IvVun:hSnJBUR4Na1vUn
                                                  MD5:808896D128F2DF4E933CBC8E48B589E2
                                                  SHA1:0B8A2851D08111843EC9DB698CA716053CD94E10
                                                  SHA-256:4827234DB594CD6DC42E97A6E6A418B3D2C691A9354FF6E9C8E03C5B5454F1F0
                                                  SHA-512:83680AD9519207AF630B151C82F7979764D216AF8DC0B68C4BF051E240F52BF7E2FF2C3A138EC7577A33FC1A27CE8731E59FA84C7C008FF7765542AFF767E4FC
                                                  Malicious:false
                                                  Preview:@echo off..pushd %~dp0..sc delete DCIBridge binPath="DCIBridge.exe"..popd

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\concrt140.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):252200
                                                  Entropy (8bit):6.686835136650429
                                                  Encrypted:false
                                                  SSDEEP:6144:HdynmUAZcA2pxuarMEc+vA54+0omeCrB/04LU+KS1yQZS0IuVx8i5S12z/VsTB:6pLnxB/0AncuVx8cz
                                                  MD5:3DA20013485A5651B687711BF859D8B9
                                                  SHA1:6C4071F22F5F5C6B14B8019AD8BECC2D2DD7A14F
                                                  SHA-256:FB9772945DEDBA1C28FB523244DFC3A849EB9EBFE70B166687DB03E196D5CD1E
                                                  SHA-512:FFA88023F5C54674944F7EF2062027C76251E451C0EE42A6B4594EC503FE09E7118E73993C1BFC49F3E0497F42A980E53F4E6A70E11D3DB55AFDA2C4E505C03C
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........Nf.. 5.. 5.. 5BO.5.. 5...5.. 5..!4.. 5..!5}. 5..$4.. 5..#4.. 5..%4.. 5.. 4.. 5...5.. 5.."4.. 5Rich.. 5........................PE..L...}8.^.........."!.........z......@........0.......................................T....@A.............................K..<r..........................(A.......,...;..8............................<..@............p..8............................text...l........................... ..`.data....4...0...2..."..............@....idata.......p.......T..............@..@.rsrc................f..............@..@.reloc...,...........j..............@..B........................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\ftp.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):106528
                                                  Entropy (8bit):6.589366630446392
                                                  Encrypted:false
                                                  SSDEEP:1536:IUXZmooK5uduWApRuPvC/8hL5QTdoYYqsWaJcdFKwZEFT/l9/SliM4ktEsg5xjyO:IUX88WAqPv4RRhFDKFT/CiM4kusKy9rk
                                                  MD5:617CEB4843AC63404DB4EF8963EF968B
                                                  SHA1:A9B99133AD04D17F9C5F6F3C0F589A221BDE25E9
                                                  SHA-256:E8F30170AFB878D4E1768431B6F8484B36456DCCDBCB957F74D4126430CEC7D9
                                                  SHA-512:778D01CACAA17D48903B422F93E5C5B182E6B2324CC582800F4927D3AF3322D7409D8C0071EA7E66160FCE1828969245356E8572CCF65B7DE7078F10516563A2
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........}.^.............x.......x.......x.......G.......G.......G.......x..............`G......`G......`Gc.....`G......Rich............PE..L.....n\...........!................b%....................................................@..........................G......4H..<....................`.. @..........`<..T............................<..@............................................text...|........................... ..`.rdata..$n.......p..................@..@.data........P.......6..............@....gfids.......p.......D..............@..@.rsrc................F..............@..@.reloc...............L..............@..B................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\http.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):160288
                                                  Entropy (8bit):6.677970992034964
                                                  Encrypted:false
                                                  SSDEEP:3072:/TkVtLD/j7esk/PsToM1MXF/VlEMp11l6Nhj+zIXsW6J4BP25eN9q0WK7B:ILD/jq+h1U/VdT1lyhj38p2Ke/FWK7B
                                                  MD5:12613CAB10EC2259B02AF7E5084E43C8
                                                  SHA1:176EE92FD2C2CDEA77E0152459517137726892BE
                                                  SHA-256:B5AB00F61318900BC20AB9D555E31A4A594773123DA18E5B343D39BD722EF14B
                                                  SHA-512:80B0C48F077043ADD53141209C51E0156CCF797E3DC9DFDC05D566E430815917D4D033B04AA7A5455223B687CE7F21477F7344D4712C00E267ED26D96182BB65
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........w..I...I...I...&r..C...&r......&r..[....o.K...'M..Z...'M..Y...&r..L...I.......'M..T....M..L....M..H....MW.H....M..H...RichI...........................PE..L.....n\...........!.....t................................................................@.........................0...........<....P...............2.. @...`..........T...............................@............................................text....r.......t.................. ..`.rdata...............x..............@..@.data....#..........................@....gfids.......@......................@..@.rsrc........P......................@..@.reloc.......`......................@..B........................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\lsa.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):95264
                                                  Entropy (8bit):6.590888680570747
                                                  Encrypted:false
                                                  SSDEEP:1536:23AW3g0416hemmVvaWMHOuiyeT4/0esWpcd+QZOG18FTRyw3g5xI33hslc:MlhemmVTMHWE0f+QUG18FTRL3Rmc
                                                  MD5:93F4A39860864BA3E2951760DC0DF9A7
                                                  SHA1:2FFEDFADA53D4DDFF3D012F31385462196F3469E
                                                  SHA-256:35144EDC0079E04AD022E6BE729B1EB37F93ED4E289A9A547EC61F82CE35B988
                                                  SHA-512:7070485E6F8C3FD52E61E1892609ED017409C3A22826C3E7448F0BD633CB3E9949A81BD10B013B40E0731AC7E2BB23F401F2059477E1AEF54E63B8E2E84A6DC1
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........t.@h..@h..@h../...Hh../...>h../...Rh...3..Qh...3..Vh...3..Oh../...Eh..@h...h..3..Bh..3..Ah..3..Ah..3..Ah..Rich@h..........PE..L....n\...........!......................................................................@.........................@...........<....P...............4.. @...`..l.......T...........................(...@............................................text...w........................... ..`.rdata...f.......h..................@..@.data...<.... ......................@....gfids.......@......................@..@.rsrc........P......................@..@.reloc..l....`......."..............@..B................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\msvcp140.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):456480
                                                  Entropy (8bit):6.668806207955215
                                                  Encrypted:false
                                                  SSDEEP:12288:xltXrXT8sqcLNvDbiv7TlkWBElGuIMyYehUgiW6QR7t5s03Ooc8dHkC2esrMnUv:xfXrXTXLNvDb0TlkWBElqYd03Ooc8dH4
                                                  MD5:448B345BCAC7EC3729F291229C942060
                                                  SHA1:5813E35F62F3C670D02CF18DFA0DCA523108660E
                                                  SHA-256:5B920691E5273821987680FAB51B91F9DE89CF2C66C10C568DCA57EAF2AE74FA
                                                  SHA-512:72D01D35716AD9E1FDE5941854B811765479C73A7A3CDC9E3FEFCD3A6AECF68657354599B5CD18E67C8B1A61A3D5756AE83B13963C08E7BB638E415236C9D136
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......).>gm.P4m.P4m.P4...4o.P4d..4{.P4m.Q4..P4..Q5n.P4..T5f.P4..S5e.P4..U5..P4..P5l.P4..4l.P4..R5l.P4Richm.P4........................PE..L....8.^.........."!.....D...................`......................................+.....@A........................................................... A.......;...z..8...........................Hy..@...................$...@....................text....B.......D.................. ..`.data...l(...`.......H..............@....idata...............`..............@..@.didat..4............t..............@....rsrc................v..............@..@.reloc...;.......<...z..............@..B................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\msvcp140_1.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):28960
                                                  Entropy (8bit):6.861725840767029
                                                  Encrypted:false
                                                  SSDEEP:384:Kd4+Xc9tef8gsj7yPqrpTtWcS5gW56voWi9pBj0HRN7iA9WixHRN7ZEimfklw:BwB1qrFY2AWvYyZ
                                                  MD5:CF8B6FDBB674082AA771277518FFA224
                                                  SHA1:53CE8BCB30178BF428A8A21B75406BFBF7D888D9
                                                  SHA-256:2D42CE741E0157C976CEBA4E57B19E9B3DD3CD25969A4B1AE6FFF0D9ABFFA832
                                                  SHA-512:3ECB7F06179391BBA224288E272451899058CA170412BA9184E7EA5BCB3FE5F2399F2652FA010A8D24290933FE4F98D988A347FDCD14897CDE6690D37C1BEA39
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......................("-.......Q.....d.....d...........d.....d.....d.....d.=.....d.....Rich............................PE..L....8.^.........."!.........................0...............................p......n.....@A........................0*..J....@..x....P...............0.. A...`..t...X...8...............................@............@...............................text...z........................... ..`.data...@....0....... ..............@....idata.......@......."..............@..@.rsrc........P.......(..............@..@.reloc..t....`.......,..............@..B........................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\msvcp140_2.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):174368
                                                  Entropy (8bit):6.873198907654365
                                                  Encrypted:false
                                                  SSDEEP:3072:2Z5HgjV47eKf7s/1ViHQqG5n9wqJGbdqnL7wmH9/MwEATGu2I6I7c8w4:2ZdG47O/1owmmr9/MwEACu2I6I3
                                                  MD5:FEB206FE582C088F9697255EADFF2CD5
                                                  SHA1:19679CD834927C1A5C1ED01A75D855ED7C932F21
                                                  SHA-256:2232EC6B4516531A0CA248F0F14A397A36C566D2E22E7AAC6FBADF5504C485B0
                                                  SHA-512:5A6B3B223CB9684434A71E02113D8B9A1F42F6CF589E61784E1E6525F1E4FE7C4A22CAD2CACC4314BB1F3D326E9BE08AF2703F46C3B1D1C9B14E2C3CE66E19AC
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........H..&..&..&.i...&......&.%."..&.%.%..&..'...&.%.'..&.%.#..&.%.&..&.%...&.%.$..&.Rich.&.................PE..L....8.^.........."!.....,...<...............@............................................@A.........................4..@....Q.......`...............h.. A...p..D....\..8............................\..@............P...............................text....+.......,.................. ..`.data... ....@.......0..............@....idata..`....P.......8..............@..@.rsrc........`.......F..............@..@.reloc..D....p.......J..............@..B................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\msvcp140_codecvt_ids.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):26400
                                                  Entropy (8bit):6.826764841044341
                                                  Encrypted:false
                                                  SSDEEP:384:cyW4C8dwOjYOIT1WioEWm6voWi9pBj0HRN7vAKzzWixHRN7HEimfklw:bn2CAqPAW7zayH
                                                  MD5:48FA51AED61FB303B949CB0545AD7759
                                                  SHA1:AE04F67C7F0F1859F3DAF89A3E22D07DFF1992A1
                                                  SHA-256:17CF677904C065E5874621381EE3BF6E7E1EA5C0E15DE3526E0B652959C6A081
                                                  SHA-512:8E8C8AADB4C8C35265657B8BA4EE37D4D91F864F81E3E78A8622F4E94C3626750A50D7BE66E5024C8F6B4EBB9DF95B6687A7D29D81C4C93BEC8D64DEE6365300
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........(T.vF..vF..vF.....vF......vF..vG..vF.Q.G..vF.Q.B..vF.Q.E..vF.Q.C..vF.Q.F..vF.Q....vF.Q.D..vF.Rich.vF.........................PE..L....8.^.........."!................0........0...............................p......T.....@A.........................!../...l@..P....P..0............&.. A...`..D...D...8...............................@............@..h............................text............................... ..`.data........0......................@....idata..t....@......................@..@.rsrc...0....P......................@..@.reloc..D....`.......$..............@..B........................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\pop3.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):97312
                                                  Entropy (8bit):6.598500903761848
                                                  Encrypted:false
                                                  SSDEEP:1536:gm5TSzd14C4fqUQUxbJmTS0QdJgWTwTsWoScdygZquT6L2CQ/g5xry3hyXoC:iUQUxNmT1W0yTyg4uT6L2b/6vYC
                                                  MD5:EEF9F8BFBAC36C94B60BF9F56EEA6843
                                                  SHA1:52BE28DB936EAA08CFBF20A03F42C312D8123F69
                                                  SHA-256:D7CB01AA1F43F33BB2ED9770310D63E8E88C18F1999ABFDD924FCE87C379BB5C
                                                  SHA-512:F2D4A720ECE430CE469FAFA5F2CE9667D2C6BE165C2C4EDF76708D57AFB83AAB6AC9102E86EF5D3A13D2F1EAA7010AF0CAF874CAEF76749AC4272A5DC369179F
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......c.|.'...'...'...H.......H.......H...5......&...I$..5...I$..<...I$..7...H..."...'...l....$..$....$..&....$.&....$..&...Rich'...........PE..L....n\...........!................B...............................................Dz....@.........................0 ....... ..<....`...............<.. @...p..........T...............................@............................................text.............................. ..`.rdata...f.......h..................@..@.data...@....0......................@....gfids.......P......."..............@..@.rsrc........`.......$..............@..@.reloc.......p.......*..............@..B........................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\rpc.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):95264
                                                  Entropy (8bit):6.5969601086389975
                                                  Encrypted:false
                                                  SSDEEP:1536:bAW3HK16EzGm6vaWMHup1ydT4/0esWpcdxOZOOC1PczkywPg5xhn33hmlI:fEzGm6TMHZE0fxOYP1WkLPYnIK
                                                  MD5:D48696E276A26FD0015ABBD5969426D2
                                                  SHA1:B98171D31DAC59E2D2FD5B671C7A151D3F1E0CD5
                                                  SHA-256:24A9F556383A23829CBEA48A947F1A0D20343E59D6A2AC7B03BD525D17FF59AD
                                                  SHA-512:0FAA877395297AB7B6D917BC9EF1976C7A9610C1D66679F5F250B419615741E32C9A711AB07EB6065F92C67266BEE29359FB08C645237A8B38BBE623D3D859AD
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........t.@h..@h..@h../...Hh../...>h../...Rh...3..Qh...3..Vh...3..Oh../...Eh..@h...h..3..Bh..3..Ah..3..Ah..3..Ah..Rich@h..........PE..L.....n\...........!................r.....................................................@......................... ...........<....P...............4.. @...`..d.......T...............................@............................................text............................... ..`.rdata...f.......h..................@..@.data...<.... ......................@....gfids.......@......................@..@.rsrc........P......................@..@.reloc..d....`......."..............@..B................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\sav.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):569888
                                                  Entropy (8bit):6.710309793908797
                                                  Encrypted:false
                                                  SSDEEP:12288:jbmBHxoTfKHvvQh4ZiY9eatBURNrvkB2mvaNWXbcuU/daiRF9ha0OoKvCz7cO11E:jbmBHxo7KHXQh4EY9eatBURNrvkB2mvL
                                                  MD5:A89B7B393C40D971B43CD185558BA38C
                                                  SHA1:3B183A378CECBD133F9064E192B6629E74EDC78E
                                                  SHA-256:EAB455BDC63E8E10596C3F420DE906E4AC9C33265CE174DFB72BA35038A821CC
                                                  SHA-512:EF454040E7E026698DE03028ED7C951F22EB1A3D3693799C5225BA2AD2160B43DF4E9AA4E46CACB479BB6DBF159F64385903296F08605F21A99199FF7A780B88
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........A.M./.M./.M./.".,.G./.".*.../.".+.X./.#.,.V./.#.*.~./.#.+.../."...J./.M...9./...'.../.../.L./....L./...-.L./.RichM./.................PE..L.....n\...........!.........................................................@.......D....@.................................x...P....................r.. @......dF...~..T...................t...........@............................................text...C........................... ..`.rdata...E.......F..................@..@.data............8..................@....tls................................@....gfids..............................@..@.rsrc................$..............@..@.reloc..dF.......H...*..............@..B................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\scan.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):734752
                                                  Entropy (8bit):6.549973169403991
                                                  Encrypted:false
                                                  SSDEEP:12288:BTkrgrhzPE3YUaakpDLMvxM1kszTSC61T4+IglUUOnhEZ07JlR0H7reME21mgbt7:GglzPE3YUa7pDLMqWszTSC61T4+IglUi
                                                  MD5:D1859C4068F2FB019366F631D4E6A640
                                                  SHA1:714B298F4D424089281F6B70B63C7C151BB2732B
                                                  SHA-256:70D0573766CE7D5AED1841D8D33169CC91217026916A8EA59041D713DE1E1FEF
                                                  SHA-512:C6772146FD6BFA4C7B410B8D0A1AB0E1D5D32D748C90D9B540CD997961E1E41065A267EE82C5F5F9F0601BBE06ECD0F02D9B2BBD2335C53EEE783D0D155A9A55
                                                  Malicious:true
                                                  Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.........t.O..RO..RO..R[..SD..R[..S...R)..RN..R...S^..R...SW..R[..SZ..R[..S@..RO..R...R...S~..R...SK..R...SR..R...SN..R...RN..RO.RN..R...SN..RRichO..R................PE..L...U..a...........!.....@...................`...............................`......KU....@.........................0................p..Hy.............. @.......c...P..p............................Q..@............`..<............................text...f=.......>.................. ..`.orpc...c....P.......B.............. ..`.rdata.......`.......D..............@..@.data....c.......B..................@....rsrc...Hy...p...z..................@..@.reloc...c.......d..................@..B................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\smb.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):160288
                                                  Entropy (8bit):6.655808489108428
                                                  Encrypted:false
                                                  SSDEEP:3072:OmsYq9WXmeNagy7WK4S8S2IhXTvG0FTD+0oozeOA2I0:DsaXm5N7WNcTvbD+26J2I0
                                                  MD5:E853FAB879C6C66DAA7D67DA71713CE9
                                                  SHA1:93024F5ACA7CF2B9C0AB2359EBA88766BEE30319
                                                  SHA-256:0169B536EB9EF2F527E3256F5BF25D2A088ED6228624DA201DFFA7B64CB18727
                                                  SHA-512:B1114639A7F0DBACCD47E6ABD4E6E90D92FDD9F9EA5E57C9B84A46E233B281D819067FCF2EC6F061D070610B7A1C17CCDEE4D5F8BEDDF5100DF86CB4512133C2
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......p.S4...4...4...[...=...[.......[...&....#..5...Z...'...Z.../...Z...$...[...1...4...................5.....5.5.......5...Rich4...................PE..L.....n\...........!.....^..................p............................................@.........................0...........<....@...............2.. @...P..L!......T...........................8...@............p...............................text...v\.......^.................. ..`.rdata.......p.......b..............@..@.data....$..........................@....gfids.......0......................@..@.rsrc........@......................@..@.reloc..L!...P..."..................@..B................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\smtp.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):104992
                                                  Entropy (8bit):6.631913962273684
                                                  Encrypted:false
                                                  SSDEEP:1536:4hCvfBOj7HLJcGc3hVuv5eYt6/ATdoYYqsWaJcdbKZSZ9zj6tEOzg5xWE23hUr:/vfWrcTuvpRRhbK03zj6u0/6r
                                                  MD5:AF69DAC89447E330DABB24CFD6727294
                                                  SHA1:61B2EFE2A1C7B074A6623CDEE6C0BF678501E0C9
                                                  SHA-256:DF7D222C8358E3A26218724065BA6264F54F372A9AA0B638D56FF144CB0A7272
                                                  SHA-512:D02D0EFCE3A5D70CC765BC744992B6887642DE28D98F52FD605FDC54B9B8017A8C5FB13CA8F3481EB07F5EAC9E64E5C3ADEDAE3B71F8C5F518D180F68411AB11
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........}.^.............x.......x.......x.......G.......G.......G.......x..............`G......`G......`Gc.....`G......Rich............PE..L.....n\...........!................!'....................................................@..........................C......XD..<....................Z.. @...........8..T............................8..@............................................text............................... ..`.rdata..Hj.......l..................@..@.data........P.......2..............@....gfids.......p.......@..............@..@.rsrc................B..............@..@.reloc...............H..............@..B................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\ssl.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):164384
                                                  Entropy (8bit):6.754040419127566
                                                  Encrypted:false
                                                  SSDEEP:3072:c1Xa83vdx9QMCeNLBkQyrwcm2LXv4FbxzXtgnvCR0zsl:c1Xaa3PCeNKQcwbLXtMvnzsl
                                                  MD5:64DAEF088239F9C2382F498AAFDAF955
                                                  SHA1:4240EB2572FE650B802533A48CE3E55D0E98EEFE
                                                  SHA-256:963EEC824AF55474D5CF310ECFE3C707233159ECB38F21F4D112FC8CA87D0A85
                                                  SHA-512:1CA3BA5F45A1338A2AA5E0ADF167CB5750E071E1954406892EAF2CFABCC47452136EA247300DD169A5B71851D7BFEFEF4E56182891E48D2C883FCC842977FCCE
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........o,>X.BmX.BmX.Bm7jAlQ.Bm7jGl..Bm7jFlJ.Bm..mY.Bm6UAlK.Bm6UFlH.Bm7jCl].BmX.Cm..Bm6UGlE.Bm.UKl[.Bm.UBlY.Bm.U.mY.Bm.U@lY.BmRichX.Bm........................PE..L.....n\...........!.....`...........v.......p.......................................r....@.................................d...<....p...............B.. @......,.......T...............................@............p...............................text....^.......`.................. ..`.rdata..T....p.......d..............@..@.data...H7... ......................@....gfids.......`......................@..@.rsrc........p......................@..@.reloc..,............$..............@..B........................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\ucrtbase.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):883712
                                                  Entropy (8bit):6.824170675528273
                                                  Encrypted:false
                                                  SSDEEP:24576:0WmPrDND1ONC1r4pD84TfEXpS8sYsen/mKvTZuoy4YJp:DmPrBu1ygr
                                                  MD5:8ED02A1A11CEC72B6A6A4989BF03CFCC
                                                  SHA1:172908FF0F8D7E1C0CBF107F7075ED1DBA4B36C8
                                                  SHA-256:4FD02F2699C49579319079B963425991198F59CB1589B8AFA8795B5D6A0E5DB3
                                                  SHA-512:444FE62A5C324D38BDC055D298B5784C741F3CA8FAAEAED591BD6DCF94205DBF28C7D7F7D3825CCB99EFF04E3FFD831E3F98D9B314820841A0C0960AE6A5E416
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.............`.`.`....`.a...`.`..`..:..`..:..`..:....`..:....`..:....`..:..`..:..`.Rich..`.................PE..L...t.nU...........!................`k...............................................(....@A........................`...'............................<...@... ...V...u..8...........................8v..@............................................text............................... ..`.data...............................@....idata..d...........................@..@.rsrc...............................@..@.reloc...V... ...X..................@..B................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\vccorlib140.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):275232
                                                  Entropy (8bit):6.600111760893926
                                                  Encrypted:false
                                                  SSDEEP:3072:HoRQZd7vnoB93x5M1rf0773i8jZuIK7bMevXVdKMHFtEfiS:HHujMqFuIK7YeNdKv
                                                  MD5:199F85E87D48D322249A979F19DBD189
                                                  SHA1:754B6B1CBA661D1D15D5065850C1D67FDE5E922F
                                                  SHA-256:E586C91057CEE6852EEEB796FBFCB091A46B2539E1D928F907F8E16CF74B99F2
                                                  SHA-512:4AE29D2AD1EB5EC5EC49422308CADA89082D66B9EF4C99B69C65DD991023FB60A4776D1DAB7344F10A067C335A6823188D939CDB3908A1A2D1F2369098244734
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......CQD..0*..0*..0*..H...0*..@+..0*..@/..0*..@...0*..@)..0*.....0*..0+.t0*..@#..0*..@*..0*..@..0*..@(..0*.Rich.0*.................PE..L....:.^.........."!.........................0...............................0............@A.............................=.............................. A.......W..lJ..8............................J..@............................................text...+........................... ..`.data... p...0...n..................@....idata..............................@..@.rsrc...............................@..@.reloc...W.......X..................@..B........................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\vcruntime140.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):83752
                                                  Entropy (8bit):6.903773905350177
                                                  Encrypted:false
                                                  SSDEEP:1536:ygQmqDRK9IfURwL67cuhH6poqPpep4yW3UecbiEI+/z3SnC:yg+DRGI86L6gshupXUecbiEZ
                                                  MD5:55C8E69DAB59E56951D31350D7A94011
                                                  SHA1:B6AF2D245AE4D67C38EB1CD31E0C1CFFB29B9B2C
                                                  SHA-256:9D8D21022FF9D3F6B81A45209662A4F3481EDC2BEFAE0C73B83CF942EAB8BE25
                                                  SHA-512:EFB2AC1891724DF16268480628EB230B6EE37ED47B56D2E02A260559865CDD48EE340CE445E58F625E0F4D6DBDC5BFB7CE2EEEDF564B837CFF255EF7D1DC58CD
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......reM.6.#F6.#F6.#F...F4.#F?|.F=.#F6."F..#F.t G%.#F.t'G".#F.t&G*.#F.t#G7.#F.t.F7.#F.t!G7.#FRich6.#F........PE..L...~8.^.........."!................@........................................@.......\....@A........................P................ ..................(A...0..t....#..8............................#..@............................................text...d........................... ..`.data...............................@....idata..............................@..@.rsrc........ ......................@..@.reloc..t....0......................@..B................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\BDUpdateServiceCom.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):3688992
                                                  Entropy (8bit):6.6835125568988
                                                  Encrypted:false
                                                  SSDEEP:49152:6NVwASOmGtlq+yIU6iztwR8XZej3F2pVKy61r7wVv0CTBMAOh5P5UcYimjrdhYYI:G1+zkxP2eirzYYDAWYDxh
                                                  MD5:D8008AF3901A9EC9D4244CF26084E047
                                                  SHA1:ACCAAEEE0EC22128204691F447BA3912C3AFEE72
                                                  SHA-256:22C63916383F6A1ED6D2C3E46025515A46F0B5B9B35B37D2ACCD2EF21B545F64
                                                  SHA-512:9B45BCF3998DCE2C29ED422D156DB1AB1ABF90A11888B1DBFADA8A6BB7E1EA0DA4DB714956BED2DA5CBAB54F14023332E0873CB871D29020FD24A5D0969D15B8
                                                  Malicious:true
                                                  Preview:MZ......................@...................................P...........!..L.!This program cannot be run in DOS mode....$........6.MUW..UW..UW..A<..]W..A<...W..38}.XW..."..DW...".._W..A<..EW..A<..CW..A<..WW..."..fW..UW..IW...>...U..UW...V..\/..VW..."..YW...>.._W...>..hW..."..PW..."..WW..."..TW..."..TW..UW..TW..."..TW..RichUW..........PE..d...x..a.........." ......(..\.......%.......................................=.....,.8...`..........................................)5.|....+5.......=......P;.p.....8. @...0=.,s.../3.p............................/3.8.............(.X............................text...<.(.......(................. ..`.orpc...,.....(.......(............. ..`.rdata...z....(..|....(.............@..@.data........P5......*5.............@....pdata..p....P;.......5.............@..@_RDATA........=......z7.............@..@.rsrc.........=......|7.............@..@.reloc..,s...0=..t....7.............@..B................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):3420376
                                                  Entropy (8bit):6.506654255902519
                                                  Encrypted:false
                                                  SSDEEP:49152:g0blwtOa+nH+h4hBNW8hqV9tfP09Q+80YJNSVevwSGCeRyJFdPSQRoPARHJV:ENMc0iGzRUEQRxpV
                                                  MD5:3827CA1C0EC114A29BB576BEF431F070
                                                  SHA1:1189DD380F160046DE9F5F2F1D74459958F31A4B
                                                  SHA-256:DD45886108AA85350FEAA6D9FCC6C922B0874DFA18BBFE23111CC8EDCB37FCB1
                                                  SHA-512:480B6A1FC02FDEC7FC2316F01B239BCE98A6D8152770D329DDC4BFB37E2E00A7987A702900523CCC0380CAABBEE38A404683DBB20FE9C9B9456083559AFB8218
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...................$...........J.................................<...Y.....Y.H...Y.....Rich............................PE..d....m.e..........".......%..p......d=%........@..............................4.....A.4...`.................................................l.1.......4......02.......3..2....4..l......p.......................(...P...8.............%..............................text....%.......%................. ..`.rdata..~.....%.......%.............@..@.data...h....P1......61.............@....pdata.......02.......1.............@..@.rsrc.........4.......3.............@..@.reloc...l....4..n....3.............@..B................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\OnlineThreatsSimple.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):274976
                                                  Entropy (8bit):6.453594795582743
                                                  Encrypted:false
                                                  SSDEEP:6144:8/nmbfJjqGaDTzrw4yFbHgs8sUUfkXB1OFE:8SfJ+GcTbAgs8148F
                                                  MD5:BC9AAB911CB1DB5A48257856F37535B8
                                                  SHA1:3E1CB75E5537776CD560F1F43C74DFA78A07BD5F
                                                  SHA-256:8A787F1558CF9ADDE749475C564F6425814CBC878817FB93C046F6475E32CCF0
                                                  SHA-512:E998201E5C53B6167350FEE9A01C32FC9BFE3DB2330C4D4DDF02C33D4A4AEEE329CAD1748DCE06056770E0D5CE40829E5ADB60018A316E64E047F845DEC7CE46
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......|..B8.`.8.`.8.`.,.d.3.`.,.c.=.`.,.e...`.j.d.7.`.j.c.1.`.j.e...`.,.a.=.`.8.a.U.`...i.5.`...`.9.`....9.`.8...9.`...b.9.`.Rich8.`.........................PE..d... ..b.........." .........B..............................................P.......o....`.........................................@...........<....0..l........"...... @...@.................................(...p...8............................................text...<........................... ..`.rdata..............................@..@.data...D"..........................@....pdata...".......$..................@..@_RDATA....... ......................@..@.rsrc...l....0......................@..@.reloc.......@......................@..B................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\WebFilteringSimple.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):224288
                                                  Entropy (8bit):6.345306921696582
                                                  Encrypted:false
                                                  SSDEEP:3072:n2EAXJptVRFX8FwUqFem+3+yv5vJGKX5XG6pD7XwXv3vi5sV3CtJm9X:rKntFUqzc+yfpXhLsVStJm9X
                                                  MD5:696B2B48BCEC337EC8B9A644E078FEA0
                                                  SHA1:741EA54712FE9B4A3F23584C4D58A076B7E285E3
                                                  SHA-256:640098F39E1C1D7B994670C61F5263CB5EF55D5E6DFBD65F02888A01DB818C08
                                                  SHA-512:C2B9C68BBF475A69D5DD34EF53994818F41A9BE1F4F759629FAA282A5FB709ECA37AA32055A3E9F6D12B2CEDA18B3ABA051CEAEFA2411F383689D1EF8B85EC08
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......b..&...&...&...2...-...2...#...2......t.......t...)...t.../...2...%...&...N......,......'......'...&.{.'......'...Rich&...........................PE..d......b.........." .........$......\...............................................6+....`.....................................................(....`..l....0.......,.. @...p..................................(.......8............ ...............................text...L........................... ..`.rdata..X.... ......................@..@.data...............................@....pdata.......0......................@..@_RDATA.......P......................@..@.rsrc...l....`......................@..@.reloc.......p.......$..............@..B................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-console-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12128
                                                  Entropy (8bit):6.590871373830902
                                                  Encrypted:false
                                                  SSDEEP:192:fFWOhWYT71ojDBQABJtqnajxcRGlPHxZzH:dWOhWNDBRJtll7PHvzH
                                                  MD5:1FB62EF7E71B24A44EA5F07288240699
                                                  SHA1:875261B5537ED9B71A892823D4FC614CB11E8C1F
                                                  SHA-256:70A4CD55E60F9DD5D047576E9CD520D37AF70D74B9A71E8FA73C41475CAADC9A
                                                  SHA-512:3B66EFE9A54D0A3140E8AE02C8632A3747BAD97143428AEDC263CB57E3CFA53C479B7F2824051FF7A8FD6B838032D9AE9F9704C289E79EED0D85A20A6F417E61
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0............`.........................................`...+............ ..................`!..............8............................................................................rdata..@...........................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-datetime-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):11616
                                                  Entropy (8bit):6.593096817502992
                                                  Encrypted:false
                                                  SSDEEP:192:uWOhWFT71ojDBQABJE41qnajLQvTP+8jIrEPB:uWOhWeDBRJE41lvQyUIrEPB
                                                  MD5:0FB91D94F6D006DA24A3A2DF6D295D81
                                                  SHA1:DB8AE2C45940D10F463B6DBECD63C22ACAB1EEE2
                                                  SHA-256:E08D41881DBEF8E19B9B5228938E85787292B4B6078D5384BA8E19234A0240A8
                                                  SHA-512:16D16EB10031C3D27E18C2EE5A1511607F95F84C8D32E49BBACEE1ADB2836C067897EA25C7649D805BE974BA03FF1286EB665361036FD8AFD376C8EDCFABD88C
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0.......j....`.........................................`................ ..................`!..............8............................................................................rdata..$...........................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-debug-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):11616
                                                  Entropy (8bit):6.592799072415155
                                                  Encrypted:false
                                                  SSDEEP:192:LWOhW4T71ojDBQABJ4e7qnajMHxxBNT06YeOV:LWOhWtDBRJv7lI66YeOV
                                                  MD5:C1FDD419184EF1F0895E4F7282D04DC5
                                                  SHA1:42C00EEE48C72BFDE66BC22404CD9D2B425A800B
                                                  SHA-256:E8CF51A77E7720BD8F566DB0A544E3DB1C96EDC9A59D4F82AF78B370DE5891F7
                                                  SHA-512:21AA4D299D4C2EAB267A114644C3F99F9F51964FD89B5C17769A8F61A2B08C237E5252B77CA38F993A74CC721B1B18E702C99BDFA39E0D43D375C56F126BE62C
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0.......s....`.........................................`................ ..................`!..............8............................................................................rdata..0...........................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-errorhandling-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):11616
                                                  Entropy (8bit):6.6481423677116895
                                                  Encrypted:false
                                                  SSDEEP:192:jmxD3OlWOhWuFT71ojDBQABJ52Tqnajsl/cqt/3SR:jVlWOhWZDBRJ52TlPqZCR
                                                  MD5:E46BC300BF7BE7B17E16FF12D014E522
                                                  SHA1:BA16BC615C0DAD61EF6EFE5FD5C81CEC5CFBAD44
                                                  SHA-256:002F6818C99EFBD6AEE20A1208344B87AF7B61030D2A6D54B119130D60E7F51E
                                                  SHA-512:F92C1055A8ADABB68DA533FE157F22C076DA3C31D7CF645F15C019CE4C105B99933D860A80E22315377585AE5847147C48CD28C9473A184C9A2149B1D75EE1B1
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0.......T....`.........................................`................ ..................`!..............8............................................................................rdata..............................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-file-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):15200
                                                  Entropy (8bit):6.555039640732934
                                                  Encrypted:false
                                                  SSDEEP:192:CAuVYPvVX8rFTsaWOhW7T71ojDBQABJdlTbqnajLQvTP+8jIrxm:/BPvVXUWOhWIDBRJzTblvQyUIro
                                                  MD5:E87192A43630EB1F6BDF764E57532B8B
                                                  SHA1:F9DDA76D7E1ACDBB3874183A9F1013B6489BD32C
                                                  SHA-256:D9CD7767D160D3B548CA57A7A4D09FE29E1A2B5589F58FBCF6CB6E992F5334CF
                                                  SHA-512:30E29F2FFDC47C4085CA42F438384C6826B8E70ADF617AC53F6F52E2906D3A276D99EFCC01BF528C27ECA93276151B143E6103B974C20D801DA76F291D297C4C
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................@......dp....`.........................................`................0..................`!..............8............................................................................rdata..............................@..@.rsrc........0......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-file-l1-2-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):11616
                                                  Entropy (8bit):6.612267657675765
                                                  Encrypted:false
                                                  SSDEEP:192:SE3WOhWST71ojDBQABJrbA0nqnajLQvTP+8jIrJT:SMWOhWDDBRJf3nlvQyUIrJT
                                                  MD5:7041205EA1A1D9BA68C70333086E6B48
                                                  SHA1:5034155F7EC4F91E882EAE61FD3481B5A1C62EB0
                                                  SHA-256:EFF4703A71C42BEC1166E540AEA9EEAF3DC7DFCC453FEDCB79C0F3B80807869D
                                                  SHA-512:AEA052076059A8B4230B73936EF8864EB4BB06A8534E34FE9D03CC92102DD01B0635BFCE58F4E8C073F47ABFD95FB19B6FBFCDAF3BC058A188665AC8D5633EB1
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0......e.....`.........................................`...L............ ..................`!..............8............................................................................rdata..\...........................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-file-l2-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):11616
                                                  Entropy (8bit):6.723077592178679
                                                  Encrypted:false
                                                  SSDEEP:192:uVEWOhWET71ojDBQABJ+AqqnajL1dHx3RKHf+c4uSg:uVEWOhWpDBRJClXBRC8g
                                                  MD5:8FD05F79565C563A50F23B960F4D77A6
                                                  SHA1:98E5E665EF4A3DD6F149733B180C970C60932538
                                                  SHA-256:3EB57CDA91752A2338EE6B83B5E31347BE08831D76E7010892BFD97D6ACE9B73
                                                  SHA-512:587A39AECB40EFF8E4C58149477EBAEB16DB8028D8F7BEA9114D34E22CD4074718490A4E3721385995A2B477FE33894A044058880414C9A668657B90B76D464F
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0......Q.....`.........................................`................ ..................`!..............8............................................................................rdata..............................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-handle-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):11616
                                                  Entropy (8bit):6.612906130780676
                                                  Encrypted:false
                                                  SSDEEP:96:OrTC93EWVAhWwf0pDX/kDbzuT714pVUtOwDD0pBDXiebs/Am2grWXGu2DXJHN1dg:aWOhWBT71ojDBQABJ8kqnajsl/cqt3gf
                                                  MD5:CEDBEAE3CB51098D908EF3A81DC8D95C
                                                  SHA1:C43E0BF58F4F8EA903EA142B36E1CB486F64B782
                                                  SHA-256:3CB281C38FA9420DAEDB84BC4CD0AAA958809CC0B3EFE5F19842CC330A7805A0
                                                  SHA-512:72E7BDF4737131046E5EF6953754BE66FB7761A85E864D3F3799D510BF891093A2DA45B684520E2DBCE3819F2E7A6F3D6CF4F34998C28A8A8E53F86C60F3B78A
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0......@p....`.........................................`..._............ ..................`!..............8............................................................................rdata..t...........................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-heap-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12128
                                                  Entropy (8bit):6.567983866804271
                                                  Encrypted:false
                                                  SSDEEP:192:sZlpWOhW3jT71ojDBQABJfqnajsl/cqtV/:ilpWOhWwDBRJflPq3/
                                                  MD5:13B358D9ECFFB48629E83687E736B61D
                                                  SHA1:1F876F35566F0D9E254C973DBBF519004D388C8D
                                                  SHA-256:1CF1B6F42985016BC2DC59744EFEAC49515F8ED1CC705FE3F5654D81186097CD
                                                  SHA-512:08E54FA2B144D5B0DA199D052896B9CF556C0D1E6F37C2AB3363BE5CD3CF0A8A6422626A0643507AA851FDDF3A2EA3D42A05B084BADF509B35EC50CB2E0BB5CE
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0......~n....`.........................................`................ ..................`!..............8............................................................................rdata..............................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-interlocked-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):11616
                                                  Entropy (8bit):6.636859346769873
                                                  Encrypted:false
                                                  SSDEEP:192:fWOhWBT71ojDBQABJgO39qnajMHxxBNT06YeO8Pw:fWOhW6DBRJDlI66YeO8I
                                                  MD5:C9649C9873F55CB7CDC3801B30136001
                                                  SHA1:3D2730A1064ACD8637BFC69F0355095E6821EDFD
                                                  SHA-256:D05E1BD7FA00F52214192A390D36758FA3FE605B05A890A38F785C4DB7ADEF1F
                                                  SHA-512:39497BAA6301C0AD3E9E686F7DFA0E40DBEA831340843417EECC23581B04972FACC2B6D30173CC93BF107A42F9D5D42515EF9FD73BB17070EB6F54109DC14E3E
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0............`.........................................`................ ..................`!..............8............................................................................rdata..............................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-libraryloader-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12128
                                                  Entropy (8bit):6.664594338687575
                                                  Encrypted:false
                                                  SSDEEP:192:2qovuBL3BUWOhWZT71ojDBQABJ4wFqnajsl/cqtewMC:2dvuBL3BUWOhWCDBRJ4wFlPqkwMC
                                                  MD5:BEDC3D74C8A93128EF9515FD3E1D40EB
                                                  SHA1:D207C881751C540651DBDB2DBD78E7ECD871BFE1
                                                  SHA-256:FEFC7BC60BD8D0542CCEA84C27386BC27EB93A05330E059325924CB12AAF8F32
                                                  SHA-512:CDCBCE2DBE134F0AB69635E4B42EF31864E99B9AB8B747FB395A2E32B926750F0DD153BE410337D218554434F17E8BC2F5501F4B8A89BB3A6BE7F5472FB18360
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0......js....`.........................................`................ ..................`!..............8............................................................................rdata..(...........................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-localization-l1-2-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):14176
                                                  Entropy (8bit):6.6583764022456275
                                                  Encrypted:false
                                                  SSDEEP:384:JOMw3zdp3bwjGjue9/0jCRrndbLAWOhWqDBRJKlI66YeOU/:JOMwBprwjGjue9/0jCRrndbLsP1PT66j
                                                  MD5:769BF2930E7B0CE2E3FB2CBC6630BA2E
                                                  SHA1:B9DF24D2D37CA8B52CA7EB5C6DE414CB3159488A
                                                  SHA-256:D10FF3164ACD8784FE8CC75F5B12F32CE85B12261ADB22B8A08E9704B1E5991A
                                                  SHA-512:9ABDCCCC8EE21B35F305A91EA001C0B8964D8475680FA95B4AFBDC2D42797DF543B95FC1BCD72D3D2CCC1D26DFF5B3C4E91F1E66753626837602DBF73FC8369B
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0............`.........................................`................ ..................`!..............8............................................................................rdata..............................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-memory-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12128
                                                  Entropy (8bit):6.61420154157855
                                                  Encrypted:false
                                                  SSDEEP:192:SYWOhW8T71ojDBQABJdXqnajMHxxBNT06YeOAd:SYWOhWRDBRJ5lI66YeOY
                                                  MD5:89766E82E783FACF320E6085B989D59D
                                                  SHA1:A3FFB65F0176C2889A6E4D9C7F4B09094AFB87ED
                                                  SHA-256:B04AF86E7B16AADA057A64139065DF3A9B673A1A8586A386B1F2E7300C910F90
                                                  SHA-512:EA4DF1B2763DDE578488BB8DD333BE8F2B79F5277C9584D1FC8F11E9961D38767D6A2DA0B7B01BAD0D002D8DCF67CCA1D8751A518F1EE4B9318081F8DF0422C7
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0............`.........................................`...l............ ..................`!..............8............................................................................rdata..............................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-namedpipe-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):11616
                                                  Entropy (8bit):6.724173936599513
                                                  Encrypted:false
                                                  SSDEEP:192:q4WOhWcpT71ojDBQABJYwqnajMHxxBNT06YeOg3+:dWOhWnDBRJYwlI66YeOg3+
                                                  MD5:B8BCE84B33AE9F56369B3791F16A6C47
                                                  SHA1:50F14D1FE9CB653F2ED48CBB52F447BDD7EC5DF4
                                                  SHA-256:0AF28C5C0BB1C346A22547E17A80CB17F692BF8D1E41052684FA38C3BBCBB8C8
                                                  SHA-512:326092BAE01D94BA05ECEC0EA8A7BA03A8A83C5CAF12BEF88F54D075915844E298DBA27012A1543047B73B6A2AE2B08478711C8B3DCC0A7F0C9FFABBA5B193CF
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0............`.........................................`................ ..................`!..............8............................................................................rdata..............................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-processenvironment-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12640
                                                  Entropy (8bit):6.593815470935579
                                                  Encrypted:false
                                                  SSDEEP:192:9RWOhW9T71ojDBQABJjw3rXqnajL1dHx3tKCJA6:9RWOhWGDBRJjWTlXBtpO6
                                                  MD5:77E9C54DA1436B15B15C9C7E1CEDD666
                                                  SHA1:6CE4D9B3DC7859D889D4CCD1E8E128BF7CA3A360
                                                  SHA-256:885BD4D193568D10DD24D104CCF92B258A9262565E0C815B01EC15A0F4C65658
                                                  SHA-512:6EECF63D3DF4E538E1D2A62C6266F7D677DAEBD20B7CE40A1894C0EBE081585E01E0C7849CCDF33DD21274E194E203E056E7103A99A3CD0172DF3ED791DCE1C2
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0...........`.........................................`...G............ ..................`!..............8............................................................................rdata..h...........................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-processthreads-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):13664
                                                  Entropy (8bit):6.659212810296714
                                                  Encrypted:false
                                                  SSDEEP:384:rWXk1JzNcKSIrTWOhWGDBRJBDlI66YeOM:rbcKS4H1PA66MM
                                                  MD5:540D7C53D63C7FF3619F99F12AAC0AFE
                                                  SHA1:69693E13C171433306FB5C9BE333D73FDF0B47ED
                                                  SHA-256:3062BD1F6D52A6B830DBB591277161099DCF3C255CFF31B44876076069656F36
                                                  SHA-512:CE37439CE1DFB72D4366CA96368211787086948311EB731452BB453C284CCC93CCECEF5C0277D4416051F4032463282173F3EC5BE45E5C3249F7C7EC433F3B3E
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0............`.........................................`................ ..................`!..............8............................................................................rdata..............................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-processthreads-l1-1-1.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12128
                                                  Entropy (8bit):6.6465314684642856
                                                  Encrypted:false
                                                  SSDEEP:192:EDfIe9WOhWZT71ojDBQABJv84YqnajMHxxBNT06YeOi:EDfIe9WOhWCDBRJv+lI66YeOi
                                                  MD5:6486E2F519A80511AC3DE235487BEE79
                                                  SHA1:B43FD61E62D98EEA74CF8EB54CA16C8F8E10C906
                                                  SHA-256:24CC30D7A3E679989E173DDC0A9E185D6539913AF589EE6683C03BF3DE485667
                                                  SHA-512:02331C5B15D9EE5A86A7AAF93D07F9050C9254B0CD5969D51EFF329E97E29EEA0CB5F2DCCFE2BFA30E0E9FC4B222B89719F40A46BD762E3FF0479DBAC704792C
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0............`.........................................`................ ..................`!..............8............................................................................rdata..............................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-profile-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):11104
                                                  Entropy (8bit):6.758510658575192
                                                  Encrypted:false
                                                  SSDEEP:192:IL+MWOhWaT71ojDBQABJl6lqnajMHxxBNT06YeOm:IL9WOhWbDBRJUllI66YeOm
                                                  MD5:A37FAEA6C5149E96DC1A523A85941C37
                                                  SHA1:0286F5DAFFFA3CF58E38E87F0820302BCF276D79
                                                  SHA-256:0E35BEBD654EE0C83D70361BCAECF95C757D95209B9DBCB145590807D3FFAE2E
                                                  SHA-512:A88DF77F3CC50D5830777B596F152503A5A826B04E35D912C979DED98DC3C055EB150049577BA6973D1E6C737D3B782655D848F3A71BD5A67AA41FC9322F832E
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0............`.........................................`................ ..................`!..............8............................................................................rdata..............................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-rtlsupport-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12128
                                                  Entropy (8bit):6.5904782348675095
                                                  Encrypted:false
                                                  SSDEEP:192:9GeVZS3WOhWYT71ojDBQABJNVSqnajLQvTP+8jIr5cT:9GeVY3WOhWNDBRJNQlvQyUIrC
                                                  MD5:6E46E5CCA4A98A53C6D2B6C272A2C3BA
                                                  SHA1:BC8F556EE4260CCE00F4DC66772E21B554F793A4
                                                  SHA-256:87FCA6CDFA4998B0A762015B3900EDF5B32B8275D08276ABC0232126E00F55CE
                                                  SHA-512:CFEEA255C66B4394E1D53490BF264C4A17A464C74D04B0EB95F6342E45E24BBC99FF016A469F69683CE891D0663578C6D7ADEE1929CC272B04FCB977C673380F
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0.......A....`.........................................`................ ..................`!..............8............................................................................rdata..,...........................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-string-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):11616
                                                  Entropy (8bit):6.669862087147008
                                                  Encrypted:false
                                                  SSDEEP:192:5yMvqWOhWuT71ojDBQABJhN7XqnajL1dHx3tKCJAL:5yMvqWOhWfDBRJXjlXBtpOL
                                                  MD5:B72698A2B99E67083FABD7D295388800
                                                  SHA1:17647FC4F151C681A943834601C975A5DB122CEB
                                                  SHA-256:86D729B20A588B4C88160E38B4D234E98091E9704A689F5229574D8591CF7378
                                                  SHA-512:33BDFE9AC12339E1EDAB7698B344AB7E0E093A31FEDC697463BBE8A4180BB68B6CC711A2CEB22CE410E3C51EFAA7EA800BAD30A93B3AC605B24885D3EF47CB7A
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0.......s....`.........................................`................ ..................`!..............8............................................................................rdata..............................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-synch-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):13664
                                                  Entropy (8bit):6.569352219895776
                                                  Encrypted:false
                                                  SSDEEP:384:ldv3V0dfpkXc0vVaLWOhWYDBRJCOlvQyUIrXr:ldv3VqpkXc0vVa1Z1PlvUwXr
                                                  MD5:E1DEBEDA8D4680931B3BB01FAE0D55F0
                                                  SHA1:A26503C590956D4E2D5A42683C1C07BE4B6F0CE7
                                                  SHA-256:A2D22C5B4B38AF981920AB57B94727ECAD255A346BB85F0D0142B545393A0A2D
                                                  SHA-512:A9211F5B3A1D5E42FDE406AAB1B2718E117BAE3DD0857D4807B9E823A4523C3895CF786519D48410119D1838AB0C7307D6EF530B1159328350CC23EBC32F67CD
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0............`.........................................`...V............ ..................`!..............8............................................................................rdata..l...........................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-synch-l1-2-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12128
                                                  Entropy (8bit):6.702819615773428
                                                  Encrypted:false
                                                  SSDEEP:192:7tZ3RWOhWKT71ojDBQABJXPXqnajL1dHx3tKCJAI:7tZ3RWOhWLDBRJX/lXBtpOI
                                                  MD5:A639C64C03544491CD196F1BA08AE6E0
                                                  SHA1:3EE08712C85AAB71CFBDB43DBEF06833DAA36AB2
                                                  SHA-256:A4E57620F941947A570B5559CA5CCE2F79E25E046FCB6519E777F32737E5FD60
                                                  SHA-512:C940D1F4E41067E6D24C96687A22BE1CB5FFD6B2B8959D9667BA8DB91E64D777D4CD274D5877380D4CFEF13F6486B4F0867AF02110F96C040686CC0242D5234B
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0.......q....`.........................................`...v............ ..................`!..............8............................................................................rdata..............................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-sysinfo-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12640
                                                  Entropy (8bit):6.594429104154007
                                                  Encrypted:false
                                                  SSDEEP:192:TKIMFR6WOhW2T71ojDBQABJPfqnajMHxxBNT06YeOEK:TU6WOhW3DBRJHlI66YeOp
                                                  MD5:56486925434EBCB5A88DD1DFA173B3D0
                                                  SHA1:F6224DD02D19DEBC1ECC5D4853A226B9068AE3CD
                                                  SHA-256:4F008AA424A0A53A11535647A32FABB540306702040AA940FB494823303F8DCE
                                                  SHA-512:7BB89BD39C59090657AB91F54FB730D5F2C46B0764D32CFA68BB8E9D3284C6D755F1793C5E8722ACF74EB6A39D65E6345953E6591106A13AB008DCF19863AE49
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0.......%....`.........................................`...E............ ..................`!..............8............................................................................rdata..\...........................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-timezone-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):11616
                                                  Entropy (8bit):6.7498302358011895
                                                  Encrypted:false
                                                  SSDEEP:96:OliqS7EWVAhWwfbDX/kDbzuT714pVUtOwDD0pBDXiebs/Am2grWXGu2DXBt2Q3Dz:+WOhW6T71ojDBQABJrLqnajxcRGlPHUp
                                                  MD5:6F9F9D52087AE4D8D180954B9D42778B
                                                  SHA1:67419967A40CC82A0CA4151589677DE8226F9693
                                                  SHA-256:EF1D71FE621341C9751EE59E50CBEC1D22947622FFAF8FB1F034C693F1091EF0
                                                  SHA-512:22A0488613377746C13DB9742F2E517F9E31BD563352CC394C3AE12809A22AA1961711E3C0648520E2E11F94411B82D3BB05C7EA1F4D1887AACF85045CF119D7
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0.......,....`.........................................`................ ..................`!..............8............................................................................rdata..............................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-util-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):11616
                                                  Entropy (8bit):6.59720677146787
                                                  Encrypted:false
                                                  SSDEEP:192:ZWOhWKT71ojDBQABJLAjqnajMHxxBNT06YeOOG47zl:ZWOhWLDBRJcjlI66YeOOGu
                                                  MD5:7243D672604766E28E053AF250570D55
                                                  SHA1:7D63E26FFB37BF887760DC28760D4B0873676849
                                                  SHA-256:F24A6158D7083E79F94B2088B2EA4D929446C15271A41C2691B8D0679E83EF18
                                                  SHA-512:05B0EDF51F10DB00ADC81FA0E34963BE1A9F5C4CA303A9C9179C8340D5D2700534C5B924005556C89C02AC598BA6C614EE8AB8415F9AD240417529E5E0F6A41B
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0......j?....`.........................................`...9............ ..................`!..............8............................................................................rdata..L...........................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-conio-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12640
                                                  Entropy (8bit):6.6192154978615525
                                                  Encrypted:false
                                                  SSDEEP:192:3YxWOhWVT71ojDBQABJIY0Vqnaj9RlW5EeHA:3YxWOhWuDBRJ2lBRc5Eeg
                                                  MD5:C0C8790510471F12F3C4555E5F361E8E
                                                  SHA1:7ADFFC87C04B7DF513BB163C3FBE9231B8E6566A
                                                  SHA-256:60BD8F0BD64062292EFF0F5F1A91347B8D61FBE3F2E9B140112501770EAE0B80
                                                  SHA-512:4F71AA0942F86E86F787036DC60EAEA33AF0C277F03CF1E551AAABA48DAD48593BCCEECCC359EFBF18EF99CF49F2D46B4C17159A531FFB1C3A744ABCE57219EB
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0......P(....`.........................................`................ ..................`!..............8............................................................................rdata..............................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-convert-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):15712
                                                  Entropy (8bit):6.430511748217981
                                                  Encrypted:false
                                                  SSDEEP:192:ivlUcyTSWOhW2T71ojDBQABJrJXqnajL1dHx3tKCJA3v:i9DyTSWOhW3DBRJxlXBtpO/
                                                  MD5:EBAC9545734CC1BEC37C1C32FFAFF7D8
                                                  SHA1:2B716CE57F0AF28D1223F4794CC8696D49AE2F29
                                                  SHA-256:D09B49F2A30DCC13B7F0DE8242FA57D0BDEB22F3B7E6C224BE73BC4DD98D3C26
                                                  SHA-512:0396EA24A6744D48CE18F9CCB270880F74C4B6EAB40F8F8BAF5FD9B4AD2AC79B830F9B33C13A3FEC0206A95AD3824395DB6B1825302D1D401D26BDC9EEF003B2
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................@.......*....`.........................................`................0..................`!..............8............................................................................rdata..............................@..@.rsrc........0......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-environment-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12128
                                                  Entropy (8bit):6.585414377461665
                                                  Encrypted:false
                                                  SSDEEP:192:VjHWOhWGT71ojDBQABJAqnajxcRGlPH6Yv:FHWOhWHDBRJAll7PH6Yv
                                                  MD5:C7C4A49C6EE6B1272ADE4F06DB2FA880
                                                  SHA1:B4B5490A51829653CB2E9E3F6FBE9CAF3BA5561E
                                                  SHA-256:37F731E7B1538467288BF1D0E586405B20808D4BAD05E47225673661BC8B4A9F
                                                  SHA-512:62CCDFAC19EF4E3D378122146E8B2CBA0E1DB2CC050B49522BEDBF763127CC2103A56C5A266E161A51D5BE6BD9A47222EE8BB344B383F13D0AAC0BAA41EAB0FF
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0............`.........................................`..."............ ..................`!..............8............................................................................rdata..<...........................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-filesystem-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):13664
                                                  Entropy (8bit):6.641564163430014
                                                  Encrypted:false
                                                  SSDEEP:192:sD81nWlC0i5CkkWOhW+T71ojDBQABJusXqnajL1dHx3tKCJAH5R:sD81nWm5CbWOhWvDBRJvlXBtpOH5R
                                                  MD5:BEF17BF1BA00150163A2E1699FF5840A
                                                  SHA1:89145A894B17427F4CB2B4E7E814C92457FD2A75
                                                  SHA-256:48C71B2D0AF6807F387D97AB22A3BA77B85BDF457F8A4F03CE79D13FBB891328
                                                  SHA-512:489D1B4D405EDBB5F46B087A3EBF57A344BF65478B3CD5FCF273736EA6FDD33E54B1806FBB751849E160370DF8354F39FC7CA7896A05B4660AD577A9E0E683E4
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0............`.........................................`................ ..................`!..............8............................................................................rdata..............................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-heap-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12640
                                                  Entropy (8bit):6.553505818372369
                                                  Encrypted:false
                                                  SSDEEP:192:I5CY17aFBR1WOhWZT71ojDBQABJxn0lqnajsl/cqtqA/:I5IWOhWCDBRJclPq8y
                                                  MD5:FBFCF220F1BF1051E82A40F349D4BEAE
                                                  SHA1:43154EA6705AB1C34207B66A0A544AC211C1F37D
                                                  SHA-256:9B9A43B9A32A3D3C3DE72B2ACCA41E051B1E604B45BE84985B6A62FB03355E6D
                                                  SHA-512:E9AB17CEB5449E8303027A08AFDBDD118CB59EAEA0D5173819D66D3EE01F0CD370D7230A7D609A226B186B151FE2B13E811339FA21F3EC45F843075CEDC2A5C0
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0......S.....`.........................................`................ ..................`!..............8............................................................................rdata..(...........................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-locale-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12128
                                                  Entropy (8bit):6.676689977859738
                                                  Encrypted:false
                                                  SSDEEP:192:h91WOhWDT71ojDBQABJSvFCHqnaj9RlW5Eq:h91WOhWADBRJoF8lBRc5Eq
                                                  MD5:2C8E5E31E996E2C0664F4A945CECE991
                                                  SHA1:8522C378BDD189CE03A89199DD73ED0834B2FA95
                                                  SHA-256:1C556505A926FD5F713004E88D7F8D68177D7D40A406F6ED04AF7BACD2264979
                                                  SHA-512:14B92E32FB0FD9C50AA311F02763CBA50692149283D625A78B0549B811D221331CF1B1F46D42869500622D128C627188691D7DE04C500F501ACD720CEA7C8050
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0.......>....`.........................................`...e............ ..................`!..............8............................................................................rdata..|...........................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-math-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):20832
                                                  Entropy (8bit):6.211462844191868
                                                  Encrypted:false
                                                  SSDEEP:384:qZVacWM4Oe59Ckb1hgmLVXWOhW9DBRJOsAlXBtpOi:qZVJWMq59Bb1jVx01PI7
                                                  MD5:77C5CC86B89EED37610B80F24E88DCC2
                                                  SHA1:D2142ECCE3432B545FEDC8005CC1BF08065C3119
                                                  SHA-256:3E8828AB7327F26DA0687F683944FFC551440A3DE1004CC512F04A2F498520F6
                                                  SHA-512:81DE6533BBA83F01FED3F7BEED1D329B05772B7A13FFE395414299C62E3E6D43173762CB0B326EA7ECF0E61125901FCEE7047E7A7895B750DE3D714C3FE0CC67
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........,...............................................P.......g....`.........................................`....%...........@...............0..`!..............8............................................................................rdata...&.......(..................@..@.rsrc........@.......,..............@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-multibyte-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):19808
                                                  Entropy (8bit):6.189879847219438
                                                  Encrypted:false
                                                  SSDEEP:384:m7F7vLPmIHJI6/CpG3t2G3t4odXLJWOhW5DBRJvlXBtpOL0VS:m5/PmIHJI6x41PB7VS
                                                  MD5:4394DAFED734DFE937CF6EDBBB4B2F75
                                                  SHA1:06EC8F1F8DD1EAB75175A359A7A5A7EE08D7A57A
                                                  SHA-256:35B247534F9A19755A281E6DC3490F8197DD515F518C6550208B862C43297345
                                                  SHA-512:33D9C5041E0F5B0913DD8826CEB080E2284F78164EFFDE1DBF2C14C1234D6B9F33AF6AE9F6E28527092AD8C2DBC13BDDFC73A5B8C738A725AD0C6BB0AA7FCFAF
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........(...............................................P......".....`.........................................`.... ...........@...............,..`!..............8............................................................................rdata...".......$..................@..@.rsrc........@.......(..............@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-private-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):62304
                                                  Entropy (8bit):5.557526246773934
                                                  Encrypted:false
                                                  SSDEEP:1536:tt/TFDe5c4bFJcvxXWpDAd3334BkZnwPO4P/V+:tt7FDe5c4bFJcvxXWpDAd3334BkZnwPI
                                                  MD5:18BDFD4B9E28F7EBA7CBB354E9C12FCB
                                                  SHA1:26222EFACB3FCE1995253002C3CE294C7045CF97
                                                  SHA-256:3105DA41B02009383826ED70857DE1A8961DAEB942E9068D0357CDDD939FA154
                                                  SHA-512:7D27EEFF41B1E30579C2A813EEA8385D8A9569BC1ECE5310B0A3F375FBA1894028C5CEC2CF204E153A50411C5DCF1992E8AC38F1C068C8F8AF9BD4897C379C04
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." ......................................................................`.........................................`...0...............................`!..............8............................................................................rdata..D...........................@..@.rsrc...............................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-process-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12640
                                                  Entropy (8bit):6.586986623530098
                                                  Encrypted:false
                                                  SSDEEP:192:6WitIqjd7vWOhWqT71ojDBQABJJqnajxcRGlPHXsh:6WitI2WOhWrDBRJJll7PHU
                                                  MD5:7DDD5548E3C4DE83D036B59DBF55867A
                                                  SHA1:E56B4D9CFCA18FB29172E71546DC6EF0383AC4E9
                                                  SHA-256:75F7B0937A1433EA7E7FA2904B02FD46296B31DA822575C0A6BC2038805971EF
                                                  SHA-512:9FB30EF628741CEBBC0F80D07824E80C9C73E0E1341866F4E45DC362FEA211D622AA1CFFC9199BE458609483F166F6C34C68B585EFE196D370C100F9C7315E0D
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0............`.........................................`...x............ ..................`!..............8............................................................................rdata..............................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-runtime-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):16224
                                                  Entropy (8bit):6.4496160353996395
                                                  Encrypted:false
                                                  SSDEEP:192:iGrMUnaPrpJhhf4AN5/KiGWOhW3T71ojDBQABJcGSXqnajL1dHx3tKCJAv+:il42r7QWOhWEDBRJcFlXBtpOW
                                                  MD5:A3F630A32D715214D6C46F7C87761213
                                                  SHA1:1078C77010065C933A7394D10DA93BFB81BE2A95
                                                  SHA-256:D16DB68B4020287BB6CE701B71312A9D887874C0D26B9EBD82C3C9B965029562
                                                  SHA-512:920BB08310EADD7832011AC80EDD3E12CE68E54E510949DBBDE90ADAAC497DEBE050E2B73B9B22D9DC105386C45D558C3F9E37E1C51ED4700DD82B00E80410BC
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................@............`.........................................`...4............0..................`!..............8............................................................................rdata..H...........................@..@.rsrc........0......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-stdio-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):17760
                                                  Entropy (8bit):6.39633954351012
                                                  Encrypted:false
                                                  SSDEEP:192:9rjrvIDmMSNuWYFxEpahlWOhW8T71ojDBQABJqZvKXqnajL1dHx3tKCJA3:Z3vAmiFVhlWOhWRDBRJqZ2lXBtpO3
                                                  MD5:C99C9EEA4F83A985DAF48EED9F79531B
                                                  SHA1:56486407C84BEECADB88858D69300035E693D9A6
                                                  SHA-256:7C416D52A7E8D6113FF85BF833CAE3E11C45D1C2215B061A5BBD47432B2244A5
                                                  SHA-512:78B8FD1FAADA381B7C4B7B6721454A19969011C1D1105FC02BA8246B477440B83DC16F0E0CE0B953A946DA9D1971B65315AC29DBB6DF237A11BECB3D981B16B9
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." ......... ...............................................@......(.....`.........................................`...a............0...............$..`!..............8............................................................................rdata..t...........................@..@.rsrc........0....... ..............@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-string-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):17760
                                                  Entropy (8bit):6.38266987954225
                                                  Encrypted:false
                                                  SSDEEP:384:eoax0C5yguNvZ5VQgx3SbwA7yMVIkFGlkWOhW2DBRJ1lBRc5EKe5:Ds5yguNvZ5VQgx3SbwA71IkFHr1PZRcs
                                                  MD5:D3D72D7F4C048D46D81A34E4186600B4
                                                  SHA1:CDCAD0A3DF99F9AEE0F49C549758EE386A3D915F
                                                  SHA-256:FD8A73640A158857DD76173C5D97CEEBA190E3C3EABF39446936B24032B54116
                                                  SHA-512:6BF9D2FDC5C2D8CD08BF543EF7A0CDCB69D7658A12BEE5601EEB9381B11D78D3C42EF9DD7E132E37D1EC34CC3DC66DF0F50AEFADFDC927904B520FDC2F994F18
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." ......... ...............................................@............`.........................................`................0...............$..`!..............8............................................................................rdata..............................@..@.rsrc........0....... ..............@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-time-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):14176
                                                  Entropy (8bit):6.533476391950624
                                                  Encrypted:false
                                                  SSDEEP:192:PauO/z7kzFDOWOhWfT71ojDBQABJRtJqnaj9RlW5Eo5:PaPEzMWOhWcDBRJVlBRc5EO
                                                  MD5:A992F1E06C3C32FFE9799D4750AF070A
                                                  SHA1:97FFD536D048720010133C3D79B6DEED7FC82E58
                                                  SHA-256:B401EDAAC4B41DA73356DE9B3358DC21F8B998A63413C868510DC734B1E4022F
                                                  SHA-512:50BD08680FCCFF190454E6555E65E2787BDC0E8A9BF711E364EB0B065951C2430559E049202B8F330AC65E9D4CD588349C524A71F700E179859D7829D8E840B8
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0............`.........................................`................ ..................`!..............8............................................................................rdata..............................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-utility-l1-1-0.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12128
                                                  Entropy (8bit):6.673014876017782
                                                  Encrypted:false
                                                  SSDEEP:192:5BfHQduWWOhWy1T71ojDBQABJPLtXqnajL1dHx3tKCJAaZ:5Bf8WOhWyODBRJFlXBtpOaZ
                                                  MD5:CB4A19B88BEC5A8806B419CF7C828018
                                                  SHA1:2BC264E0ECCB1A9D821BCA82B5A5C58DC2464C5D
                                                  SHA-256:97E4C91103C186517FA248772B9204ACF08FDE05557A19EFE28D11FB0932B1F7
                                                  SHA-512:381EDD45ECD5D2BDEFD1E3AD0C8465A32620DFA9B97717CADB6A584C9528FED0D599D5A4889962F04908CA4E2B7B4497F0E69D8481EE5F34EA5D9106D99760C3
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......m2..)S..)S..)S....].(S....A.+S....^.(S....C.(S..Rich)S..........................PE..d.....nU.........." .........................................................0......Y.....`.........................................`...^............ ..................`!..............8............................................................................rdata..t...........................@..@.rsrc........ ......................@..@................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bddci.cat

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:data
                                                  Category:dropped
                                                  Size (bytes):9953
                                                  Entropy (8bit):7.143267646872481
                                                  Encrypted:false
                                                  SSDEEP:192:njn/y4JCq+XooyKfPFWQFkgTE80Hy5qnajsTl5cLo:nfGrPFRtEslulN
                                                  MD5:595D134F65D1F9AAB5CA690D6B1662B2
                                                  SHA1:1E38A6020A577707D923DD9D802B2E5C948A7E9C
                                                  SHA-256:FB0DF649161FA7A1289DDFC42825F1BBF93156B1DE1C6526C07A1B6DBA14E6FA
                                                  SHA-512:3AFA8424599E3BD2EF4582EB6A961C7057E90BCA70999D58435DB9E7D0794A14688079CFCC284B8150D452EAB18FBECEFDC23A9FBDE7D618CCEEADE63805E0F6
                                                  Malicious:false
                                                  Preview:0.&...*.H........&.0.&....1.0...`.H.e......0.....+.....7......0...0...+.....7...........J.x...m.s..210826120626Z0...+.....7.....0...0..}.R5.C.E.E.6.0.F.0.7.0.9.3.0.D.C.9.7.1.E.4.D.3.5.D.4.8.E.3.0.3.6.4.F.6.2.3.A.A.D.2...1..%06..+.....7...1(0&...F.i.l.e........b.d.d.c.i...i.n.f...0@..+.....7...1200...O.S.A.t.t.r........2.:.6...0.,.2.:.1.0...0...0E..+.....7...17050...+.....7.......0!0...+........\.`.p...q..]H..d.#..0b..+.....7...1T0R.L.{.D.E.3.5.1.A.4.2.-.8.E.5.9.-.1.1.D.0.-.8.C.4.7.-.0.0.C.0.4.F.C.2.9.5.E.E.}....0....R7.C.9.5.7.3.6.8.1.B.B.6.6.6.6.3.3.5.A.0.F.7.1.5.B.B.E.8.C.2.0.4.B.4.1.0.8.4.E.5...1..-06..+.....7...1(0&...F.i.l.e........b.d.d.c.i...s.y.s...0@..+.....7...1200...O.S.A.t.t.r........2.:.6...0.,.2.:.1.0...0...0M..+.....7...1?0=0...+.....7...0...........0!0...+........|.sh..fc5...........0b..+.....7...1T0R.L.{.C.6.8.9.A.A.B.8.-.8.E.7.8.-.1.1.D.0.-.8.C.4.7.-.0.0.C.0.4.F.C.2.9.5.E.E.}.......C0..?0J..+.....7....<0:.&.Q.u.a.l.i.f.i.c.a.t.i.o.n. .L.e.v.e.l........1.0.0.0...0$..+

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bddci.inf

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:Windows setup INFormation
                                                  Category:dropped
                                                  Size (bytes):4585
                                                  Entropy (8bit):4.9899603115602105
                                                  Encrypted:false
                                                  SSDEEP:96:udXrNW28u5Z5u5j5h5A54FPO9EyNQkF9pSYzONz1oWO9WuS:u1pX3k5zaEO9E4PFSYSNxov9HS
                                                  MD5:E8B58A307F96DC9CE1EB2729F86E13B0
                                                  SHA1:5CEE60F070930DC971E4D35D48E30364F623AAD2
                                                  SHA-256:2C9A7118EF74C3B168663C8EC6F3A7B27653896E193129ED0BC5E9AA55A0AFBB
                                                  SHA-512:7CD9FE7BCC8C8EC1466ACC1ADC7AB8C9AB6BDAF7C7C27DCC6C0CB43BAB741F2519A88647CE43F74D7E9CAF4AE39AE172DC639ED1B2027B9E8F15F35353613D91
                                                  Malicious:false
                                                  Preview:;;;..;;; BdDci..;;;....[Version].. Signature = "$WINDOWS NT$".. Class = WFPCALLOUTS.. ClassGuid = {57465043-616C-6C6F-7574-5F636C617373}.. Provider = %Bitdefender%.. CatalogFile = bddci.cat.. DriverVer = 08/25/2021,14.6.1.96....[SourceDisksNames] ; "Used by SourceDiskFiles to express where those files are located".. 1 = %DiskName%,,,""....[SourceDisksFiles] ; "In order for a driver file or an application file to be included as part of a signed driver package".. bddci.sys = 1,,....[DestinationDirs] ; Specifies the destination directory for all copyfiles in this inf... DefaultDestDir = 12 ; 12 = \Drivers folder.. BdDci.DriverFiles = 12 ; 12 = \Drivers folder....[DefaultInstall].. CopyFiles=BdDci.DriverFiles..[DefaultInstall.Services].. AddService = %BdDciServiceName%,%SPSVCINST_ASSOCSERVICE%,BdDci.Prevention.Service....[DefaultInstall.Detection].. CopyFiles=BdDci.DriverFiles..[Defaul

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bddci.sys

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (native) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):800672
                                                  Entropy (8bit):6.427490885202283
                                                  Encrypted:false
                                                  SSDEEP:24576:TW3je01Io/rAYd/cg3NuRoB4Qn5ZTQuzfSuKRDSqLP6z5BLM5:a3jp1Io/rn/cgduRoB4Q5ZTQuzfShDSs
                                                  MD5:2A241AF18D9F0466AFF6CD77C1561F9B
                                                  SHA1:2C6BFC8E583ED026FDF9EC01265D99E22D39305A
                                                  SHA-256:528804013487CDB1DA617E512D1DE68060602887BCC8A7822BDB1346A2995FFD
                                                  SHA-512:6779667BB57C87FDBF4DEE57682E7851B5AD5BEA39DEB09FCB596AE48EB571317749FF59E825F91BD57527DAB7477DEAC5B24BDBD86471844FAD36876C08DD28
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........."?.Ll.Ll.Ll..Jm.Ll...l.Ll...l.Ll..Mm.Ll.Mlq.Ll..Om.Ll..Hm.Ll;.Im..Ll;.l.Ll;.Nm.LlRich.Ll................PE..d...#$&a.........."..........:......p..........@.............................p.............A....................................................d....P..`........i.......!...`.......D..T...........................0E..................h............................text............................... ..`PAGE....6".......$.................. ..`.rdata..............................@..@.data... ...........................@....pdata...i.......j..................@..@INIT....b....@...................... ..b.rsrc...`....P......................@..B.reloc.......`......................@..B........................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bddci_core.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):1552416
                                                  Entropy (8bit):6.327817060072325
                                                  Encrypted:false
                                                  SSDEEP:24576:401AaTk1RdGCCZQzknHaCj+g62hrrNKVnCVnii7Jvw5wZLqRRw:401AaTmdGCeQzknD/hrIVnCVnd7JvwSX
                                                  MD5:13EFC649989E224C8346C52AE3CC9A93
                                                  SHA1:BF907FEE6FCE0745601219F3FAA89BC2C08434B0
                                                  SHA-256:F994E407E9F78D521F335F25B7A4217FDCC4A5E6DC050FDF90D7870FDA1E0EF7
                                                  SHA-512:7C6F65858E3803AB9ABE075C2E257E322594B875BD6001BE5A6C6BDE0AB271844CCD7F869394666A2CE9B535ABB46E0332697D2C19836F886241881A60697CE0
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........iP.:P.:P.:D..;Z.:D..;D.:D..;..:<..;^.:<..;Z.:<..;..:D..;Y.:P.:..:...;W.:...;{.:...;Q.:..Y:Q.:P.1:Q.:...;Q.:RichP.:................PE..d...+$&a.........." .................>..............................................{p....`A.........................................$..p... %..d.......0...........p.. @......d...............................(...`...8............................................text...l........................... ..`.rdata...4.......6..................@..@.data........@...x..................@....pdata.............................@..@_RDATA...............L..............@..@.rsrc...0............N..............@..@.reloc..d............T..............@..B................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bddci_install.cmd

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):113
                                                  Entropy (8bit):5.024399016495459
                                                  Encrypted:false
                                                  SSDEEP:3:mKDDGQWT0yOA59bR1GqWREEGRMGMily6ZhwKML5r:hSnJOrEE6RVtG
                                                  MD5:E53B0CDFA47603A767603BA0D7D88D5F
                                                  SHA1:E4954AC71F948F6CDE020CEC724C5E40079F1710
                                                  SHA-256:B6F48EC300DFA6C1B9465A1758960CC22E43C1C9E8BC9080B54B1355752C85A2
                                                  SHA-512:861BC7E89D56FC498C8D9D362F775FF1005FE23BDD9A7DCF76682CF3D39ECF13342C52BE1A527995EC47FD2CBD01F91E91F09F4094A0CB04903C9FB1B11921AE
                                                  Malicious:false
                                                  Preview:@echo off..pushd %~dp0..RunDLL32.Exe syssetup,SetupInfObjectInstallAction DefaultInstall 128 %CD%\bddci.inf..popd

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bddci_install_boot.cmd

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):110
                                                  Entropy (8bit):5.05232264138167
                                                  Encrypted:false
                                                  SSDEEP:3:mKDDGQWT0yOA59bR1GqWREEGRMZiEly6ZhwKML5r:hSnJOrEEMEVtG
                                                  MD5:EB7FD87467EBED250DDF9205BBFCF35A
                                                  SHA1:AD6B37B514DFFC0BAE6D5046C2B34ADFD354AA32
                                                  SHA-256:49AC42D63849F3FC001AE109C63578A43778E97EEF8696EFE7CBA9FB03FE820D
                                                  SHA-512:64A4E216A9EAF6804DFA273AECFB8F7B7BD513EDEC4D75AF1C4C7370E5C5CACC0209475ABE40587A5A8003462AA2F4678E8518D96413C3FDD84220589AB01773
                                                  Malicious:false
                                                  Preview:@echo off..pushd %~dp0..RunDLL32.Exe syssetup,SetupInfObjectInstallAction BootInstall 128 %CD%\bddci.inf..popd

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bddci_reinstall.cmd

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):216
                                                  Entropy (8bit):5.127188347659828
                                                  Encrypted:false
                                                  SSDEEP:3:mKDDGQWT0yuJqpsgLA5vRpMKz6yEly6ZhwKMLRA59bR1GqWREEGRMGMily6ZhwKf:hSnJGqpsgLQXdEVt4rEE6RVtfn
                                                  MD5:C0D4FA051CFCE46BD180B8E1611FE221
                                                  SHA1:DCE6714DCFB8A5986A74D7997994BC8A7A74D691
                                                  SHA-256:681BAF813771192AAF8853BB0DD3773DA610B429F875CB93A501968DD886EC22
                                                  SHA-512:AAC3C218B41C5A90F81A7E9EEFCEAF9F8854763F254A495AA5455BCBA3D97231DD8AA02B35D43880C1F4A094B5FC0965109B267C4DA15B3682D062DA6D9ABC3E
                                                  Malicious:false
                                                  Preview:@echo off..pushd %~dp0....call bddci_stop..RunDLL32.Exe SETUPAPI.DLL,InstallHinfSection DefaultUninstall 128 %CD%\bddci.inf..RunDLL32.Exe syssetup,SetupInfObjectInstallAction DefaultInstall 128 %CD%\bddci.inf....popd

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bddci_reinstall_boot.cmd

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):213
                                                  Entropy (8bit):5.153467971136594
                                                  Encrypted:false
                                                  SSDEEP:3:mKDDGQWT0yuJqpsgLA5vRpMKz6yEly6ZhwKMLRA59bR1GqWREEGRMZiEly6ZhwKf:hSnJGqpsgLQXdEVt4rEEMEVtfn
                                                  MD5:D689035E2D21C5D672CA0FA99B1D6FF9
                                                  SHA1:F21E0181303F0FB4A7C82EB76CCF9A5B4AD446E9
                                                  SHA-256:2ED8F11755D68E6E381914AE35995F815168B87948043D3871ED50D638F457AD
                                                  SHA-512:A50BAC4C7AA8A9F3334626F2C0A6DFC0B3D54D402A7E8276C21B9335009430F19DF7B244DAB00F6FDE538E345FECA09996BAF7927FDF0F4134E2D5DA3A94E8C4
                                                  Malicious:false
                                                  Preview:@echo off..pushd %~dp0....call bddci_stop..RunDLL32.Exe SETUPAPI.DLL,InstallHinfSection DefaultUninstall 128 %CD%\bddci.inf..RunDLL32.Exe syssetup,SetupInfObjectInstallAction BootInstall 128 %CD%\bddci.inf....popd

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bddci_start.cmd

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):61
                                                  Entropy (8bit):4.3212158708844575
                                                  Encrypted:false
                                                  SSDEEP:3:mKDDGQWT0yVTBBn:hSnJVT3n
                                                  MD5:D1AAA0351E290303C8F2773E4444E5DD
                                                  SHA1:757E10E1FDC2919A10BAE72D215A1324F4ABA4E6
                                                  SHA-256:B356443280684F01A3666021662821EB9130EAB58EBE48A400726E7D82591F5B
                                                  SHA-512:7468CE3E229AAD292897BA3F531479D4764A38E1E6B58E3FD4AB9E5232FE6CAF9E040D8F742785B85802C4D4BAEF9598EBC78BDA92D525DA10C6C88AD5D7E2DF
                                                  Malicious:false
                                                  Preview:@echo off..pushd %~dp0..net start bddci..sc query bddci..popd

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bddci_stop.cmd

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):60
                                                  Entropy (8bit):4.235546013316953
                                                  Encrypted:false
                                                  SSDEEP:3:mKDDGQWT0yVO9rCBBn:hSnJVz3n
                                                  MD5:18D3A452985E52AA8ADFF7737F116EEE
                                                  SHA1:3CE81B54F7C3A913509FCC78538CE239C6D41CB0
                                                  SHA-256:D42E07D8BD6FD9536552704B3556EF3DCC1C43B89E7BF0A4DEF59784391A9098
                                                  SHA-512:D3F337C26690258A3D1D02B555CAF1463FE49C9EA8AD51496EAC8E425AFE65952C2EA870798C2038282E196DBB9E4719FE7FD8742F8488F4B55E7687ED59896E
                                                  Malicious:false
                                                  Preview:@echo off..pushd %~dp0..net stop bddci..sc query bddci..popd

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bddci_uninstall.cmd

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):110
                                                  Entropy (8bit):5.130096791944795
                                                  Encrypted:false
                                                  SSDEEP:3:mKDDGQWT0yOA5vRpMKz6yEly6ZhwKML5r:hSnJOQXdEVtG
                                                  MD5:32A10363F7CEF5F479734E468FAA54E9
                                                  SHA1:CCCB9C13D1F2A371443FAB4C8EFF346F54C764F5
                                                  SHA-256:E7CBA9FE65F75C973818ED70EBD764EA47B05956B7390DC8942AD6C5D150CE8E
                                                  SHA-512:B48B604312026442CEF5D6D6C437D9B202B97CB72506EE18FEDBC2DDCF8B97B7E6A575626432B3467DB25FEB0DB7F2F1EF5053EE1FDBAAD7A30866F583F74FEB
                                                  Malicious:false
                                                  Preview:@echo off..pushd %~dp0..RunDLL32.Exe SETUPAPI.DLL,InstallHinfSection DefaultUninstall 128 %CD%\bddci.inf..popd

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bddcihttp.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):2731552
                                                  Entropy (8bit):6.533490914139629
                                                  Encrypted:false
                                                  SSDEEP:49152:0V6paqQWRm+RYPdrne0VZaKKRYkeK3dj3qoZH/ojsHNTMGZXEi:JpfRQaRY3K3toYSGD
                                                  MD5:53F6774DF73CC44D29F354AECBDEF948
                                                  SHA1:894158C553F39F8000C858C84AD772714E215D75
                                                  SHA-256:D1130318E699B81F1918F468A8B49C9BE7B8B4293C1078DA4A17DAC6AD999EC6
                                                  SHA-512:5151804071C371FE2458C2FC67441441B01602A529582BED48B0E0226E051F933981DCE1F84E3AC0F2EBE608B463FE1E9C226D058EDD3BF6C5B35BE9E8A9E234
                                                  Malicious:true
                                                  Preview:MZ......................@...................................(...........!..L.!This program cannot be run in DOS mode....$.......c...'.u.'.u.'.u.3.q.1.u.3.v.,.u.3.p...u...q./.u.A...&.u.u.q.6.u.u.v.-.u.u.p...u.3.t.*.u.'.t...u...|...u...u.&.u.....&.u.'..&.u...w.&.u.Rich'.u.........................PE..d...,Z.d.........." .................8........................................)......g*...`...........................................'......'.x.....)......p(......n). @....).T....s%......................v%.(...`t%.8............................................text............................... ..`.rdata..j...........................@..@.data.........'..d....'.............@....pdata.......p(......((.............@..@_RDATA........)......F).............@..@.rsrc.........)......H).............@..@.reloc..T.....).. ...N).............@..B................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bdnc.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):2529312
                                                  Entropy (8bit):6.515710054151537
                                                  Encrypted:false
                                                  SSDEEP:49152:7LXjFttLwzqzJ94tMozJfQu8FvDj0/pQBuwV3TPNmZfN:7LlwS1vkBQBjVBmBN
                                                  MD5:957DCCB05E3FEABEA72DBE13F4803FDC
                                                  SHA1:A4541A8019EE32B9659C242AD6C6038A723342B6
                                                  SHA-256:3E2C8A240A1BB76A8770DA243AEFD7795EDA97795D8266B39F0907B1AC94551A
                                                  SHA-512:932F4C72F247EE56157388056AC488248C20DF694874124CBB09A0523C6664CBBD88E7DEEE03EFABB3C67018FB8C65C77B152408ACB92C53B1CD8B4989C5C7F0
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.............................^..I.;....I.....I.....I....................<..:.....:...................9..........Rich...........PE..d......a.........." .................p........................................&.......'...`.........................................`.#.p.....#.......&.......$.\....X&. @....&.(L....!.p...........................P.!.8............................................text...0........................... ..`.rdata..@...........................@..@.data.........$..p....#.............@....pdata..\.....$......X$.............@..@_RDATA........&.......&.............@..@.rsrc.........&.......&.............@..@.reloc..(L....&..N....&.............@..B................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bdnc.ini

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:ASCII text
                                                  Category:dropped
                                                  Size (bytes):108
                                                  Entropy (8bit):4.584132838074214
                                                  Encrypted:false
                                                  SSDEEP:3:RwCKXF83Mnmz8BCjY9kHvGPbGymjyRZF:BE7mz8KYeGbGym4ZF
                                                  MD5:153E80B1EC9BAEC5619ACEEBFDE340C6
                                                  SHA1:5374991113BD75BC60DF99B372E61DEB6D5340EF
                                                  SHA-256:C7890B7AA3FBE8AAEF3CFFD4215B870489A54C9E450B1A91A8021D48BE3547BA
                                                  SHA-512:3FCE1BD79FD944554DCB09E74E33A01F443A358FD3B42334926E8C9DC385C9F717BB9D48F022E5B4A7486AD7A091246C4EEF64CF212BA29812D967F60934E2D2
                                                  Malicious:false
                                                  Preview:BootstrapServer = nimbus.bitdefender.net..# LogFile = bdnc.log..# ProxyName = .# ProxyUser = .# ProxyPass =.

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bittorrent.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):108576
                                                  Entropy (8bit):6.197741681294066
                                                  Encrypted:false
                                                  SSDEEP:3072:KizDGKhdWOl1bxfvmyW25B8RA+sfCZizxMtFQnIdcKb:tL/WOl1dWHHcKb
                                                  MD5:74D7799C00C804296C0F1B99324B513F
                                                  SHA1:527380E0E44C9FD8CA5F73D103E8E9F56EB13142
                                                  SHA-256:66C0B9D01AFAB9DB8F87164C747DC6BDD05FFAE25092AB4627A8A47857118AB0
                                                  SHA-512:3140D32D4199CC246FDDB292400EC31BCC098E18349D9991828FC1462F7CD6AA3A0666037E569511B37B1CB6BAF34C94BE2FDC70A9685125A72FDD44E427CDAC
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........................................................................+......+......+.w.....+......Rich............................PE..d.....n\.........." ................................................................F.....`..........................................>.......?..<....................h.. @..........p0..T............................0...............................................text............................... ..`.rdata..............................@..@.data....(...P.......4..............@....pdata...............H..............@..@.gfids...............V..............@..@.rsrc................X..............@..@.reloc...............^..............@..B........................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bridge_install.cmd

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):167
                                                  Entropy (8bit):5.102379914131941
                                                  Encrypted:false
                                                  SSDEEP:3:mKDDGQWT0yB83vQXAtlNdfDZj4I5pEIRfT8ZEEyAZ51AUmhMW4crWarA5Mn:hSnJB83vQQtlNj5TL65yULWRCGjn
                                                  MD5:996CD85E5F005D76E1B7F6033AD3840F
                                                  SHA1:D2111E0E5CDB4FBCF0C7220D4BFDF71CB495FB60
                                                  SHA-256:328A059D0FD3BBFCE208BD5DF73D14D0B56B2C0EE79BF7E6E2017211150655C1
                                                  SHA-512:8F1C15E4C0E274E548843D102CF8A722EEDFDC098AD36AE45BF0A84F70C96360E7704A25E0CD7067191E594FA6931F46FF0ADD09DEB7F8BE8F38DF1873B0F81F
                                                  Malicious:false
                                                  Preview:@echo off..pushd %~dp0..sc create DCIService binPath="C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe" DisplayName= "DCI Bridge Service"..popd

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bridge_start.cmd

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):49
                                                  Entropy (8bit):4.445644282581652
                                                  Encrypted:false
                                                  SSDEEP:3:mKDDGQWT0yBsns2yAB:hSnJBsZB
                                                  MD5:95E8C6CD0A911F1AB4969C06B8CF77A2
                                                  SHA1:BE1B1F8ABD0420F59ECAB7BCF8120CDC2CE34195
                                                  SHA-256:DE795F6D8591577054813BEE79E7C5B4EE13360039D29AA73971C6B985D26EBD
                                                  SHA-512:E5EEFAF761BE7BF3CEA207E22E98398093FA0A9D3B459AF7DF22BFBF07755816737A7B8B261ACF01AEC8B10B5D8F0D90132A4ECDD83C242B2CDE883039FAC1FF
                                                  Malicious:false
                                                  Preview:@echo off..pushd %~dp0..sc start DCIService..popd

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bridge_stop.cmd

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):47
                                                  Entropy (8bit):4.323220703147271
                                                  Encrypted:false
                                                  SSDEEP:3:mKDDGQWT0yBs0bbnXA0vQB:hSnJBs0vnX9U
                                                  MD5:2D655B2F0502E2E7DEA4154A8C801219
                                                  SHA1:E20FE8994AD78028516BFDFA1804C3BC8CF19D6F
                                                  SHA-256:93CEBF47CF6FC0088D589B62BF805F371E5EBF12639EB4DAB9F21E753D1BB8AC
                                                  SHA-512:7F6009BD8C5EFB4A60191574CF850AC5F83BFF2F9A38F148206A566F4BAA0E82EE9ABE0C358CFF57F27EC5727685FBAE5A3F03D77A920EF438801F70E06FCC6F
                                                  Malicious:false
                                                  Preview:@echo off..pushd %~dp0..sc stop DCIBridge..popd

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bridge_uninstall.cmd

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):73
                                                  Entropy (8bit):4.752922463132331
                                                  Encrypted:false
                                                  SSDEEP:3:mKDDGQWT0yB7s5vw414NaDw9IvVun:hSnJBUR4Na1vUn
                                                  MD5:808896D128F2DF4E933CBC8E48B589E2
                                                  SHA1:0B8A2851D08111843EC9DB698CA716053CD94E10
                                                  SHA-256:4827234DB594CD6DC42E97A6E6A418B3D2C691A9354FF6E9C8E03C5B5454F1F0
                                                  SHA-512:83680AD9519207AF630B151C82F7979764D216AF8DC0B68C4BF051E240F52BF7E2FF2C3A138EC7577A33FC1A27CE8731E59FA84C7C008FF7765542AFF767E4FC
                                                  Malicious:false
                                                  Preview:@echo off..pushd %~dp0..sc delete DCIBridge binPath="DCIBridge.exe"..popd

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\concrt140.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):317224
                                                  Entropy (8bit):6.325476680883488
                                                  Encrypted:false
                                                  SSDEEP:6144:6lTcrTKDDPzfM0xmNcwwY2baM739NhNN40aBqnWzgPPz:6cKHzEc/Yzz
                                                  MD5:165E673B081CF2C90A2E63A6834ACE1E
                                                  SHA1:544014C03FB2E91454D4BAC4934B1C44F2ED8943
                                                  SHA-256:8BF7EFB1FA4F86DB826B79EA1D3DAA6E18019790D7B5FF58B53BFB4CAD967974
                                                  SHA-512:BB02ED42C4AFC2AE1AD5A01D974B41C511E04964962655CF387E07FB364075A1939CB9EEA0B72BBC73F6813BE9107D650543EE1ACC3583A3A59AA8B416AF9565
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........e............/.<....|@....ct............ct.....ct.....ct......ct.....ct,....ct.....Rich....................PE..d...M8.^.........." ................p.....................................................`A........................................0....M..<................p...6......(A......l....4..T...........................p4..0............................................text...<........................... ..`.rdata...2.......4..................@..@.data....?...0...8..................@....pdata...6...p...8...N..............@..@.rsrc...............................@..@.reloc..l...........................@..B........................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\ftp.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):124448
                                                  Entropy (8bit):6.24372790381547
                                                  Encrypted:false
                                                  SSDEEP:3072:6Wj8gEU217BNkr4yg0IsiO1tpp/1t1tD1YMOYbOPzKTIiz9IB:6CKUokr4yx5iLKL9IB
                                                  MD5:B7C081F03A50C391F5B22A0EE16B8A1E
                                                  SHA1:2FA63728DDDB2E25F69ADF0E02CBD75D053A9965
                                                  SHA-256:42CCB6C597D0952042C3D3FDC0027634C3E9D118706A286277A32A7F6AF6BD30
                                                  SHA-512:8590E537D7DF9523F934CD4BB18C7515D89E74FC8B3E8E35CE70B368C9A99659BF59DEDB020FB470CF8577248F607ED271D52107015CDFFC8A0A9F7E8AC2880B
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......c..E'..'..'..H...#..H......H...[..I.../..I...=..I...7..H..."..'..i......$......&....X.&......&..Rich'..........PE..d.....n\.........." ................p&..............................................E'....`..........................................{......D|..<....................... @......$....g..T............................g.................. ............................text...`........................... ..`.rdata..............................@..@.data...h)...........p..............@....pdata..............................@..@.gfids..............................@..@.rsrc...............................@..@.reloc..$...........................@..B........................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\http.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):194080
                                                  Entropy (8bit):6.267657257196838
                                                  Encrypted:false
                                                  SSDEEP:3072:UFig6fLNAsrACf/dKvqZEB15xo4JC3Zh8nzxGzWZmUbX4ojw:7g6fSsbf/dCqOBzxfJzOpUT4oM
                                                  MD5:C0D7A16BA0340FFAEADEDB5FD82F6984
                                                  SHA1:63AC374A7322E4ECB9B8FED7E67FFCF01B71FC75
                                                  SHA-256:E07A6F752E45E3240C95CBB890B22A154B1CCA571C17FB57F11EF0B86108A7BB
                                                  SHA-512:3E50F009B7A43D2FB58F28F0EAAB4555D9FC68ED72AF970F6A6BD875DAB30B5AD32300E95AC570DDF0D925499E709457EA8757033580493F4BBAE14A20D06C42
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........./...A..A..A..E..A..B..A..D.7.A..~...A..B..A..E..A..@..A..@...A..D..A.b.H..A.b.A..A.b....A.b.C..A.Rich..A.........PE..d.....n\.........." ................................................................sG....`..........................................u......pv..<....................... @......,... Y..T............................Y.................. ............................text............................... ..`.rdata.............................@..@.data....<.......(...f..............@....pdata..............................@..@.gfids..............................@..@.rsrc...............................@..@.reloc..,...........................@..B................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\lsa.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):109088
                                                  Entropy (8bit):6.197321200062162
                                                  Encrypted:false
                                                  SSDEEP:3072:VdO2ha1G2lDb8TfvmyW25B8RA+sfCZizxMC6d+eQms0A:xj2lDbMWUqs0A
                                                  MD5:F89B978400B6C035F975EFC6AB7303A8
                                                  SHA1:173F9F2BC814B19870C7B98057C948B0292340F9
                                                  SHA-256:CA621B67C0AA1FE669C99ABC0EE1A52807321F5BE4092BAD7C49D4291C194B7C
                                                  SHA-512:D0FC9D302EE3B8BE6C65CCB2A2D387A1A914ED9A453CE0CAD6734F2C9D59A0EA8694E39B81382EE7B6F6C61B96DB81F7AD1C227727B65A5A61C0471A35C39E33
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........................................................................+......+......+.w.....+......Rich............................PE..d....n\.........." ................@...............................................E.....`.........................................`?.......?..<....................j.. @...........0..T........................... 1...............................................text............................... ..`.rdata..............................@..@.data....(...P.......6..............@....pdata...............J..............@..@.gfids...............X..............@..@.rsrc................Z..............@..@.reloc...............`..............@..B........................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\msvcp140.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):590632
                                                  Entropy (8bit):6.463330275333709
                                                  Encrypted:false
                                                  SSDEEP:12288:Mt8MRN4gE4x4iTqwTQa6IUqXF7XyxpypsdUDqNSfbQEKZm+jWodEEV3Ho/:MCMm9pyp35bQEKZm+jWodEExg
                                                  MD5:E74CAF5D94AA08D046A44ED6ED84A3C5
                                                  SHA1:ED9F696FA0902A7C16B257DA9B22FB605B72B12E
                                                  SHA-256:3DEDEF76C87DB736C005D06A8E0D084204B836AF361A6BD2EE4651D9C45675E8
                                                  SHA-512:D3128587BC8D62E4D53F8B5F95EB687BC117A6D5678C08DC6B59B72EA9178A7FD6AE8FAA9094D21977C406739D6C38A440134C1C1F6F9A44809E80D162723254
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......n...*...*...*.....w.(...#...<...*......./.....".................+.....g.+.....+...Rich*...................PE..d...R8.^.........." .....>..........p"....................................................`A........................................ m..h....G..,...............(;......(A......4.......T...............................0............P......Ti..@....................text....=.......>.................. ..`.rdata.......P.......B..............@..@.data....:...`..."...P..............@....pdata..(;.......<...r..............@..@.didat..h...........................@....rsrc...............................@..@.reloc..4...........................@..B................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\msvcp140_1.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):31528
                                                  Entropy (8bit):6.472533190412445
                                                  Encrypted:false
                                                  SSDEEP:384:R77JqjlI8icUYWhN5tWcS5gWZoMUekWi9pBj0HRN7RA5aWixHRN7osDhzlGs6N+E:R5D8icUlX5YYMLAWRAlypmPB
                                                  MD5:7EE2B93A97485E6222C393BFA653926B
                                                  SHA1:F4779CBFF235D21C386DA7276021F136CA233320
                                                  SHA-256:BD57D8EEF0BC3A757C5CE5F486A547C79E12482AC8E694C47A6AB794AA745F1F
                                                  SHA-512:4A4A3F56674B54683C88BD696AB5D02750E9A61F3089274FAA25E16A858805958E8BE1C391A257E73D889B1EEA30C173D0296509221D68A492A488D725C2B101
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........U..\4~.\4~.\4~...^4~.UL..X4~.Dz.[4~.D}.^4~.\4..v4~.D..Y4~.D{.O4~.D~.]4~.D..]4~.D|.]4~.Rich\4~.........PE..d...W8.^.........." .........$............................................................`A.........................................>..L....?..x....p.......`..4....:..(A......p...@3..T............................3..0............0..0............................text...(........................... ..`.rdata.......0......................@..@.data........P.......,..............@....pdata..4....`.......0..............@..@.rsrc........p.......4..............@..@.reloc..p............8..............@..B................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\msvcp140_2.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):193832
                                                  Entropy (8bit):6.592581384064209
                                                  Encrypted:false
                                                  SSDEEP:3072:V7vC/HAiCsJCzwneNPXU7tm1hTt8KBDal8zg/0LwhORfewlMi0JHV:VTGAtweN85m1f8KBI9wfpsJH
                                                  MD5:937D6FF2B308A4594852B1FB3786E37F
                                                  SHA1:5B1236B846E22DA39C7F312499731179D9EE6130
                                                  SHA-256:261FBD00784BB828939B9B09C1931249A5C778FCEAD5B78C4B254D26CF2C201F
                                                  SHA-512:9691509872FDB42A3C02566C10550A856D36EB0569763F309C9C4592CAF573FBB3F0B6DC9F24B32A872E2E4291E06256EAE5F2A0DEB554F9241403FD19246CAC
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........94..Wg..Wg..WgVt.g..Wg..g..Wg..Sf..Wg..Tf..Wg..Vg..Wg..Vf..Wg..Rf..Wg..Wf..Wg...g..Wg..Uf..WgRich..Wg........................PE..d...W8.^.........." ................p............................................... .....`A........................................ ..................................(A...........K..T........................... L..0...............P............................text............................... ..`.rdata..............................@..@.data...............................@....pdata..............................@..@.rsrc...............................@..@.reloc..............................@..B................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\msvcp140_codecvt_ids.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):27936
                                                  Entropy (8bit):6.577459666532623
                                                  Encrypted:false
                                                  SSDEEP:384:nGpHh29k7lAv1WioEWQ53tWi9pBj0HRN7evpPOWixHRN76MauOMlVt:nCHc4MqPAWevp3y6MgI
                                                  MD5:1B8D2F7700EB84B832E9750880CDCBD5
                                                  SHA1:3AE22588F9420414182F78A994E1E2D9153E48E2
                                                  SHA-256:13DC526343225AD933612A6BBCEC4F9A3A9A94B00B2F24B7DA8F851E9DE00992
                                                  SHA-512:6DB667391D842511867EED010055E9E3A09897004F77912E055FE794870EFD59CDE822D9AE819963595EB53A17477B24C981A334EBFB3869D71C3FE6A8274F14
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........T...:N..:N..:N9(.N..:N..N..:N..;N..:Nu.;O..:Nu.>O..:Nu.9O..:Nu.?O..:Nu.:O..:Nu..N..:Nu.8O..:NRich..:N........PE..d...W8.^.........." ................ ........................................p...........`A........................................p'..0....(..P....P..0....@.......,.. A...`.. ....!..T............................!..0............ ...............................text...X........................... ..`.rdata..0.... ......................@..@.data........0....... ..............@....pdata.......@......."..............@..@.rsrc...0....P.......$..............@..@.reloc.. ....`.......*..............@..B................................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\pop3.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):111136
                                                  Entropy (8bit):6.222503127418836
                                                  Encrypted:false
                                                  SSDEEP:3072:ucC1a3VOKS2SWfzzIaYSMeEesE9+WryKfmjqnurfTHSMyyGbtYMKZq1gN:uVaMKSuf3IF9eieEMKY1gN
                                                  MD5:4617113B1FA666E743F899D3781483D8
                                                  SHA1:0A1DADB7051C5A5ED9D108F78F83AC2B21419A84
                                                  SHA-256:30AF0CEC58983EF5CCF2B30F074FAAD6AC348CD5FC88461C0B06977839A2C651
                                                  SHA-512:92D0CD9E51DE702A04BC2948E2966219B16C1BEF93DADDDCCF801C58C2DA1DD22AC5B9651583868957098959BEECA2CFDD7465EDECE1120E364935FF65184675
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........?)[.^G..^G..^G..:D..^G..:C..^G..:B..^G.4....^G...D..^G...B..^G...C..^G..:F..^G..^F..^G.x.N..^G.x.G..^G.x....^G.x.E..^G.Rich.^G.........PE..d....n\.........." ......................................................................`..........................................O.......P..<....................r.. @..........p@..T............................@...............................................text.............................. ..`.rdata..<...........................@..@.data....(...`.......>..............@....pdata...............R..............@..@.gfids...............`..............@..@.rsrc................b..............@..@.reloc...............h..............@..B................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\rpc.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):109600
                                                  Entropy (8bit):6.188830642967351
                                                  Encrypted:false
                                                  SSDEEP:3072:zhKIKMqrmSYZKc4yvmyW25B8RA+sfCZizxMI/FsXujHz:RwaSYZKTFCzjHz
                                                  MD5:FD8770A4368ACD38C18CCB0298DCF587
                                                  SHA1:867772D872B84988BD7E9EA2271E470DD443874E
                                                  SHA-256:E039A7E9BDECAF697BD73A47DA557E5582FBFFACC53F9A185790299156C85584
                                                  SHA-512:E1123FA8CF304D082324CFAA5534EA34103226242CEF1D6E1640BD2B343D19AE3BCEC2302C3A6167C57F8196415190D86050FB55E2E6BA0D90AEF189D5CA18C7
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........................................................................+......+......+.w.....+......Rich............................PE..d.....n\.........." ................@...............................................E^....`.........................................P?.......?..<....................l.. @...........0..T............................0...............................................text............................... ..`.rdata..............................@..@.data....(...P.......8..............@....pdata...............L..............@..@.gfids...............Z..............@..@.rsrc................\..............@..@.reloc...............b..............@..B........................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\sav.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):743968
                                                  Entropy (8bit):6.401514425912792
                                                  Encrypted:false
                                                  SSDEEP:12288:m/Kz78acbADfu4+2L6QalAMGzxWZ6xb4YXecX9aRleIBakXRa9wItZZcfeNkyfdg:2KMacbADfbzL/alAMGzxWZ6xb4YXecX0
                                                  MD5:47B40A1348A6EDA7087A6241858EF9E1
                                                  SHA1:CA8CE0BA789BAAFC75B593FD8A98D4CF8AFA4956
                                                  SHA-256:CD83B1612C2823488EA267E88FE91A2AEDF6B278BAFDD39FF673BED3ADD39D6B
                                                  SHA-512:DD43A1A08E0DD9386C0C4AA47C2E1A71A6CCD07DEC1D70129C43845C5C32EC038EFB617BEC35320A467BBAC77BAD6ABEFD176C747B2A9113190D3E98D1B50130
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......'.}.c...c...c.......g.......r............#..b.......i.......Q.......".......d...c...........+.......b.......b.......b...Richc...........................PE..d.....n\.........." .................G.......................................@............`.........................................@P.......g..P................[...... @... ..t....g..T....................h..(....h............... ...............................text............................... ..`.rdata..XS... ...T..................@..@.data............@...Z..............@....pdata...[.......\..................@..@.tls................................@....gfids..............................@..@.rsrc...............................@..@.reloc..t.... ......................@..B........................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\scan.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):861728
                                                  Entropy (8bit):6.42613102304455
                                                  Encrypted:false
                                                  SSDEEP:12288:CRRnyp7sOXzRW1frmznBFdX1P/paqkHLFgSD7pY8e2Ssoq5f0:8Rw7zRW1DmDDdX1P/paqYn7mnKV0
                                                  MD5:F06086D2B25027ED54B1434B38D41BA7
                                                  SHA1:5EE263A1A51A1565FA42DA998265D868884A0D79
                                                  SHA-256:FB9B4B9E917CAF6719F7FCC031DD7BB0F5F5EF7D39A4C43242D38371C97C9998
                                                  SHA-512:54BE383C1937AF05096090AAD04B80F4B2098060F3A3BC45D0A6068C660337A8E71D5E217FE950E718EABEA31599388D6887E8D0B8F9CBFBA7EFA09C8AB61F5A
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......e5..!Tq.!Tq.!Tq.5?r.&Tq.5?t..Tq.G;.. Tq.s!u.0Tq.s!r.(Tq.5?u./Tq.5?p..Tq.!Tp..Tq.s!t..Tq..!u.%Tq..!t.<Tq..!q. Tq..!.. Tq.!T. Tq..!s. Tq.Rich!Tq.........PE..d......a.........." .....F...................................................p......O.....`......................................... ...................Hy...P..Tf...... @...P..T.......p...........................`...8............p...............................text...|C.......D.................. ..`.orpc........`.......H.............. ..`.rdata..RQ...p...R...J..............@..@.data....}.......P..................@....pdata..Tf...P...h..................@..@_RDATA...............T..............@..@.rsrc...Hy.......z...V..............@..@.reloc..T....P......................@..B........................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\smb.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):196640
                                                  Entropy (8bit):6.135506460645053
                                                  Encrypted:false
                                                  SSDEEP:3072:JL/r6ivsFqEaTIwX9nfyXI9nPRxel7XD6J75Mlsefbc1brS4ukUNfcfI:JLDHqq7XZyAn+tXDbfSbrqrVcfI
                                                  MD5:B4A0352A49D7661E64693765707A0A1A
                                                  SHA1:888F7E14CC08EF0FF4F6557BC8EC3A4AC36D18F3
                                                  SHA-256:4295BBC2CE2CCB68B17DF07B2364EF90B3BB802FC2F44C710B13C1477F424CAA
                                                  SHA-512:8647121A5CFC25FB7FF46308CEBE3C261927BAC40D2FAFE89C01945346993E31FF6B0369E2A686F9F4A16CC61B74C887ED670F30A1A21252E04CD1BA781BB712
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........y...*...*...*...+...*...+...*...+..*9..*...*...+...*...+...*...+...*...+...*...*..*u..+...*u..+...*u.8*...*u..+...*Rich...*................PE..d.....n\.........." .....r...J......d.....................................................`..........................................v......dw..<....................... @...........(..T............................).................. ............................text....q.......r.................. ..`.rdata...............v..............@..@.data...88.......$...f..............@....pdata........... ..................@..@.gfids..............................@..@.rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\smtp.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):123936
                                                  Entropy (8bit):6.253892164491635
                                                  Encrypted:false
                                                  SSDEEP:3072:uxc4WaKDtQLGVAlS6wl6O1tpp/1t1tD1YMi93bJWlGrJSb6f:uxgaK3VAlS6kB2sYJSb6f
                                                  MD5:2B8265DFA5B53B61E875F7A83DDE8680
                                                  SHA1:FA3C87C02750700AC0D20D21B88A90B8122BE8E1
                                                  SHA-256:748BAC0CDDAA20C4967F6F495DB6B58F88FB675790C2039E211E42468AFBE2EB
                                                  SHA-512:9011BC9B204DB910F7A06F89928986F03DF234DF39309B183B3FE226677EB0C435F0B8C3EFAAD9689A5FA44BEE034EC99B7AF2C6FC3A2056BC0A4C0D4D9D5DE2
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......o.{!+..r+..r+..rD..s/..rD..s"..rD..sW..rE..s#..rE..s1..rE..s:..rD..s...r+..re..r...s(..r...s*..r...r*..r...s*..rRich+..r........................PE..d.....n\.........." ................<)..............................................s.....`......................................... w.......w..<....................... @...........b..T...........................0c.................. ............................text...@........................... ..`.rdata..............................@..@.data...X)...........n..............@....pdata..............................@..@.gfids..............................@..@.rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\ssl.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):182304
                                                  Entropy (8bit):6.392391795533443
                                                  Encrypted:false
                                                  SSDEEP:3072:/ZE4AtMAAKxGbnsGtdZkQQnfO/JHEWw7jN8:SnjAtsKEqHN2jN8
                                                  MD5:9592F5912B31B62193656497E67A2D9B
                                                  SHA1:B8A92656880A7016EDCBA43B1E206D83FE3847E0
                                                  SHA-256:5978DD53996BC3856D01010E4DDC41215DC9D7FE046961FEABEC419972CE94BD
                                                  SHA-512:FFAB48BE1DB5CC30F61D88B3BC02E2EA30C8DCD44BFE9BED786BB7CD699DAC8C456C1D390925C9A9FF2994A54CF98EEE0E76984EBA318792EC9838DB1954B98D
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........#.K.M.K.M.K.M.$.N.O.M.$.I.B.M.$.H..M..!..J.M.%.N.C.M.%.I.Z.M.$.L.N.M.K.L...M.%.H.W.M...D.H.M...M.J.M....J.M...O.J.M.RichK.M.................PE..d.....n\.........." .....f..........`v....................................... ............`.........................................0[.......[..<...............P....... @...........B..T...........................PC.................. ............................text....e.......f.................. ..`.rdata...............j..............@..@.data... R...p.......N..............@....pdata..P............b..............@..@.gfids...............v..............@..@.rsrc................x..............@..@.reloc...............~..............@..B........................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\ucrtbase.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):961192
                                                  Entropy (8bit):6.640639825639145
                                                  Encrypted:false
                                                  SSDEEP:24576:TZAut7MWpJcndd9glcYdhdrH2zC8vh7EenmdvXZi0yplQu:TqkMWDcnjyvhdUb77l
                                                  MD5:D4B22FB86C88C071335FE2FB623E40CE
                                                  SHA1:CC722EB1098B3A630A990DBCEB62E3338B064110
                                                  SHA-256:2195FEF9BD0A01D6B10A2AB77FF4F5BBCA01D65D5F6590BEFC98D80102372605
                                                  SHA-512:369FB5D80535CB1F8D46512234D7777754648AEAB6A3FF1536EDC64CA0097A8E8EAA7C68FEEABF756DE474706F0C7C896B14C4C39CBD5916AD9258F2ED3FCDF1
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......b...&.a.&.a.&.a./.....a.&.`..a..6..'.a.l..'.a.l....a.l..p.a.l....a.l..j.a.l..'.a.l..'.a.Rich&.a.........................PE..d.....nU.........." .....J...0......`t..............................................^.....`A............................................P...@...................l....h...B..........Po..8............................o...............`..H............................text...pH.......J.................. ..`.rdata...a...`...b...N..............@..@.data...."..........................@....pdata..l...........................@..@.rsrc................X..............@..@.reloc...............\..............@..B................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\vccorlib140.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):337696
                                                  Entropy (8bit):6.010310833200254
                                                  Encrypted:false
                                                  SSDEEP:3072:uMCZbDoSbwlSCpYQfj+f1D0I/esAjznECGJGSuyuMiQdqyHGxRCcXYJ7q5g03Lbh:uCXSUYQeisA3EJnkgCbDmgpbPSNA
                                                  MD5:9FF7C9FF349B13430FD4575556ED3A15
                                                  SHA1:CED03401B3FFA7BF372B6E7B9CE3D6856D646373
                                                  SHA-256:C04C348CF3CB28A550ADC72D40F7473D03F1EAC63F3B945A6A56C476265295A7
                                                  SHA-512:CB656E556EC12CE5A8979C69C777ABC83B5E8023E90F7A0DC206FEF9DF8C04B96B70CCBCE4F563265392E313AE6E4C4DC2E5A2FDFACA32AB0E167E45C7581374
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......^.M...#...#...#.....#..."...#...&...#...'...#... ...#......#...".l.#...*...#...#...#......#...!...#.Rich..#.........PE..d...T:.^.........." .........f......P~.......................................0......M.....`A.............................................>..d...,................ ...... A..........`...T...............................0............................................text...V........................... ..`.rdata...v.......x..................@..@.data...(.... ......................@....pdata... ......."..................@..@.rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\vcruntime140.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):101672
                                                  Entropy (8bit):6.566355945650465
                                                  Encrypted:false
                                                  SSDEEP:1536:7y6+2mUD0uBFRXqYue/o+18iBH5T7heunxr98nZXR9xecbSQ2bIB0TO:7lXfRXqQw+PHLrCZh9xecbSt
                                                  MD5:8697C106593E93C11ADC34FAA483C4A0
                                                  SHA1:CD080C51A97AA288CE6394D6C029C06CCB783790
                                                  SHA-256:FF43E813785EE948A937B642B03050BB4B1C6A5E23049646B891A66F65D4C833
                                                  SHA-512:724BBED7CE6F7506E5D0B43399FB3861DDA6457A2AD2FAFE734F8921C9A4393B480CDD8A435DBDBD188B90236CB98583D5D005E24FA80B5A0622A6322E6F3987
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......!/.NeNl.eNl.eNl....gNl.l6..nNl.eNm.INl..>o.hNl..>h.uNl..>i.zNl..>l.dNl..>..dNl..>n.dNl.RicheNl.................PE..d...M8.^.........." .........^...... .....................................................`A........................................`1..4....9.......p.......P.......L..(A..........H...T...............................0............................................text...b........................... ..`.rdata...?.......@..................@..@.data...0....@.......4..............@....pdata.......P.......8..............@..@_RDATA.......`.......D..............@..@.rsrc........p.......F..............@..@.reloc...............J..............@..B........................................................................................................................................................................................................................

                                                  C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\vcruntime140_1.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):44328
                                                  Entropy (8bit):6.631745572973897
                                                  Encrypted:false
                                                  SSDEEP:768:uJnUUV7xPg4RdPvv1DHkhhFAWN6srByiYzC:uaY7XN7Ih4CIiYzC
                                                  MD5:21AE0D0CFE9AB13F266AD7CD683296BE
                                                  SHA1:F13878738F2932C56E07AA3C6325E4E19D64AE9F
                                                  SHA-256:7B8F70DD3BDAE110E61823D1CA6FD8955A5617119F5405CDD6B14CAD3656DFC7
                                                  SHA-512:6B2C7CE0FE32FAFFB68510BF8AE1B61AF79B2D8A2D1B633CEBA3A8E6A668A4F5179BB836C550ECAC495B0FC413DF5FE706CD6F42E93EB082A6C68E770339A77C
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........h..j...j...j....l.h....y..h...cq..a...j...[....y..o....y..m....y..p....y..k....y|.k....y..k...Richj...................PE..d...Q8.^.........." .....:...4......pA....................................................`A........................................Pk.......k..x....................l..(A......8...(b..T............................b..0............P..X............................text....9.......:.................. ..`.rdata... ...P..."...>..............@..@.data................`..............@....pdata...............b..............@..@.rsrc................f..............@..@.reloc..8............j..............@..B........................................................................................................................................................................................................................................................

                                                  C:\ProgramData\Lavasoft\Web Companion\Logs\Webcompanion\webcompanion.log

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):13767
                                                  Entropy (8bit):5.27733178541466
                                                  Encrypted:false
                                                  SSDEEP:96:mSfIfHvwAaqaLllKWREJfa1aLlwnO61CIC0VcgNbB8OO9hczb1uWrGWEFFsqjeq0:3Nb1uBs2em51axxxLXOJNjg
                                                  MD5:3CA9A1A8DB73F40218B2AFC5ED66C93D
                                                  SHA1:AD7CF18D568B4F50126C802E0A8E11B705464A7D
                                                  SHA-256:4044A80EA9A86248936CF4311C35696E03C63490F2E2419211B2A2894AEBD917
                                                  SHA-512:A569C4A6949071B779BF9C299369F4DE91C8EB295AF51E4ABADDC07558E7763735FA815CDF3FBAF9323F80663AFBC20EF2F13131C6FC2759847AA436FFC3A6BE
                                                  Malicious:false
                                                  Preview:INFO 2024-07-22 06:51:45 [1] [WebCompanion.UI.App PerformWebcompanionStartup] --------------------------------------------------------------------------------------------------------..INFO 2024-07-22 06:51:45 [1] [WebCompanion.UI.App PerformWebcompanionStartup] Starting Webcompanion with :C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --silent --install --geo= --searchenbl..INFO 2024-07-22 06:51:45 [1] [WebCompanion.UI.AppCore.Features.Install.InstallerHelper UpgradeApplication] Upgrading user settings.....INFO 2024-07-22 06:51:45 [1] [WebCompanion.UI.AppCore.Features.Install.InstallerHelper UpgradeApplication] user settings upgraded.....INFO 2024-07-22 06:51:45 [1] [WebCompanion.UI.AppCore.ActiveFeatures.ActiveFeaturesManager .ctor] Getting active features.....INFO 2024-07-22 06:51:45 [1] [WebCompanion.UI.AppCore.ActiveFeatures.ActiveFeaturesManager DownloadActiveFeatures] Downloading active features.....INFO 2024-07-22 06:51:45 [1] [Lavasoft.Utils.S

                                                  C:\ProgramData\Lavasoft\Web Companion\Logs\WindowsService\WCAssistantServiceLog.log

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
                                                  File Type:Non-ISO extended-ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):619
                                                  Entropy (8bit):5.074246398619458
                                                  Encrypted:false
                                                  SSDEEP:12:qCBNLVlSCBNLoiWMguN67KdzS0Sq3FRg6RrpLw:pNLV8CNLoWgctdG3q3Fq6dG
                                                  MD5:D0EBC16CDEFE866CD1172A84AE7F01D4
                                                  SHA1:95208A8165B42EF206A8CDA3AAC68A8A1C760323
                                                  SHA-256:E83B35EC9302D73A80EF6520C1E9835DACD6B7E869FDBC512179BCBCD57B1123
                                                  SHA-512:CE91749832A1DCDB41476AAFA77809BA26805F5AFFAA62644A84FCFA78A4EE382F27FFEA1349532D33F69DCA9864E6C7112826E2E8E16F6235E2CCD7F967CAAD
                                                  Malicious:false
                                                  Preview:DEBUG2024-07-22 06:51:51 . Windows service installing....INFO 2024-07-22 06:51:51 . Windows service initialized..DEBUG2024-07-22 06:51:51 . Windows service installing finished..DEBUG2024-07-22 06:51:51 . OnStart() Started..INFO 2024-07-22 06:51:52 . ServiceHost is initialized..INFO 2024-07-22 06:51:52 . Uri: http://localhost:8733/SPServiceLibrary is valid..DEBUG2024-07-22 06:51:52 . WSHttpBinding is initialized..DEBUG2024-07-22 06:51:52 . Contact is initialized..DEBUG2024-07-22 06:51:52 . Endpoint has added..DEBUG2024-07-22 06:51:54 . ServiceHost is opened..DEBUG2024-07-22 06:51:54 . OnStart() Finished..

                                                  C:\ProgramData\Lavasoft\Web Companion\Options\ActiveFeatures.zip

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                  Category:dropped
                                                  Size (bytes):17770
                                                  Entropy (8bit):7.988661402540188
                                                  Encrypted:false
                                                  SSDEEP:384:kUi5qCq9OCoRlwaottJYLSX3g34cNPJ2AgHJri1zlSxb:kUi5qx9OCsl/LLWQvNlw+lSxb
                                                  MD5:80E1ACB2C9FD443F4298BCE8AF7CCC25
                                                  SHA1:0CAED9AF7E3E11395246EB697B35532C6D752013
                                                  SHA-256:8FDB29858290D88F953E7EABBBBF6EF7362A54FC50108E9B148CDADC35ED3AC3
                                                  SHA-512:CB89672E2F7B5A596A9D1EB9DF1A405C763E24A65D2C5DEF0ECF9671C5F22B207A48AA44C7E06179B93ECB564DF4ED0F5EDD26873E47985D99939BCBE034502D
                                                  Malicious:false
                                                  Preview:PK........:=AX7\.0.D..r.......ActiveFeatures.txt..+..@.sjp.#...........K1.......;../-.........[.[..A.B.....exq..)7.. 7:^...g.K .!i.bU.V.s....O$v7|e\......W...'...Z.dveU*o.R..>.%...w...$.-;...Q....4.T.......f$.+T.$.&.Q?9...#".6>.........0....o.@..j.(.*i).H".B..1`.=..&0..I8C.R..."y....cM7.g.........\@....8...x.E..4...S.|I.....yy7..~..%W?.7!J..h.rf..dB.^OQ".IDG....!o.+.^6.V...Y..6...<.....w.N.N..P..P2...\.?.....E.Y.^.j.......>i.[.p`.L_...s.Xq.>#~..nY.....>L.O9r....sA..S.+.g.5.FB..i.q..g.Uf.{..*v.BU..Bq....Tp...K.F;/........[.&WIAP..u.S..-&v.3.!...Y'.bM..l...{[:..5.s..V...L3.om........7.'.O4.'(V#...:\.......#.....V.O.O&<...s.}Y.d.|..<P...@...j.M%.O..5....lH.s^SYfa..CDD....w..V........cE.8.~cETL..0.Y.IEd@...._P.Q..~w..\fA.T....7K.i..ywq|........+.#...].N......".>.(..A....0.b.U-.l.D..M#.ET....Ya....-h..}.e.p...<)...,.....y......2..'..g.g\_GJ......=^..!..M....A...DK^?.....d...x)...-.z68....4.R|Y.S.gy.nU..f...1q.b.EFO?'.[.a...`.b...F.\..rs..ZL.0.q\.v

                                                  C:\ProgramData\Lavasoft\Web Companion\Options\ActiveFeatures.zip.tmp

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                  Category:dropped
                                                  Size (bytes):17770
                                                  Entropy (8bit):7.988661402540188
                                                  Encrypted:false
                                                  SSDEEP:384:kUi5qCq9OCoRlwaottJYLSX3g34cNPJ2AgHJri1zlSxb:kUi5qx9OCsl/LLWQvNlw+lSxb
                                                  MD5:80E1ACB2C9FD443F4298BCE8AF7CCC25
                                                  SHA1:0CAED9AF7E3E11395246EB697B35532C6D752013
                                                  SHA-256:8FDB29858290D88F953E7EABBBBF6EF7362A54FC50108E9B148CDADC35ED3AC3
                                                  SHA-512:CB89672E2F7B5A596A9D1EB9DF1A405C763E24A65D2C5DEF0ECF9671C5F22B207A48AA44C7E06179B93ECB564DF4ED0F5EDD26873E47985D99939BCBE034502D
                                                  Malicious:false
                                                  Preview:PK........:=AX7\.0.D..r.......ActiveFeatures.txt..+..@.sjp.#...........K1.......;../-.........[.[..A.B.....exq..)7.. 7:^...g.K .!i.bU.V.s....O$v7|e\......W...'...Z.dveU*o.R..>.%...w...$.-;...Q....4.T.......f$.+T.$.&.Q?9...#".6>.........0....o.@..j.(.*i).H".B..1`.=..&0..I8C.R..."y....cM7.g.........\@....8...x.E..4...S.|I.....yy7..~..%W?.7!J..h.rf..dB.^OQ".IDG....!o.+.^6.V...Y..6...<.....w.N.N..P..P2...\.?.....E.Y.^.j.......>i.[.p`.L_...s.Xq.>#~..nY.....>L.O9r....sA..S.+.g.5.FB..i.q..g.Uf.{..*v.BU..Bq....Tp...K.F;/........[.&WIAP..u.S..-&v.3.!...Y'.bM..l...{[:..5.s..V...L3.om........7.'.O4.'(V#...:\.......#.....V.O.O&<...s.}Y.d.|..<P...@...j.M%.O..5....lH.s^SYfa..CDD....w..V........cE.8.~cETL..0.Y.IEd@...._P.Q..~w..\fA.T....7K.i..ywq|........+.#...].N......".>.(..A....0.b.U-.l.D..M#.ET....Ya....-h..}.e.p...<)...,.....y......2..'..g.g\_GJ......=^..!..M....A...DK^?.....d...x)...-.z68....4.R|Y.S.gy.nU..f...1q.b.EFO?'.[.a...`.b...F.\..rs..ZL.0.q\.v

                                                  C:\ProgramData\Lavasoft\Web Companion\Options\EventSafeguard.bkp (copy)

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):2
                                                  Entropy (8bit):1.0
                                                  Encrypted:false
                                                  SSDEEP:3:y:y
                                                  MD5:81051BCC2CF1BEDF378224B0A93E2877
                                                  SHA1:BA8AB5A0280B953AA97435FF8946CBCBB2755A27
                                                  SHA-256:7EB70257593DA06F682A3DDDA54A9D260D4FC514F645237F5CA74B08F8DA61A6
                                                  SHA-512:1B302A2F1E624A5FB5AD94DDC4E5F8BFD74D26FA37512D0E5FACE303D8C40EEE0D0FFA3649F5DA43F439914D128166CB6C4774A7CAA3B174D7535451EB697B5D
                                                  Malicious:false
                                                  Preview:..

                                                  C:\ProgramData\Lavasoft\Web Companion\Options\EventSafeguard.txt

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):2
                                                  Entropy (8bit):1.0
                                                  Encrypted:false
                                                  SSDEEP:3:y:y
                                                  MD5:81051BCC2CF1BEDF378224B0A93E2877
                                                  SHA1:BA8AB5A0280B953AA97435FF8946CBCBB2755A27
                                                  SHA-256:7EB70257593DA06F682A3DDDA54A9D260D4FC514F645237F5CA74B08F8DA61A6
                                                  SHA-512:1B302A2F1E624A5FB5AD94DDC4E5F8BFD74D26FA37512D0E5FACE303D8C40EEE0D0FFA3649F5DA43F439914D128166CB6C4774A7CAA3B174D7535451EB697B5D
                                                  Malicious:false
                                                  Preview:..

                                                  C:\ProgramData\Lavasoft\Web Companion\Options\FeatureActions.zip

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                  Category:dropped
                                                  Size (bytes):9891
                                                  Entropy (8bit):7.975375679708705
                                                  Encrypted:false
                                                  SSDEEP:192:/zgkm2ZdywX6ypLeQMeq5BRVyvQOa9pIZHASkGuPPD8C4Bp60acklTC:/z+2ZMq62tMVDRVyvQJrInknPPD8FgZ6
                                                  MD5:AC2A022A7441887EA66D3B37CE40D804
                                                  SHA1:FAB3D2C5220BA0E9ABA35D5FC5C98E9E3909A1C2
                                                  SHA-256:2386DAB9C4027E1224DDDDAA7B6998B855535084C9BE46C4B25E40D86043CD2E
                                                  SHA-512:5B6E9C04738FC5F1CE6265A5C6ED8D88EC6D5FA267CE27CAE393EB39B688360F6E39FA8B73C40437E844EA0B67CA5A66837C94CDCA2E985036CAE7B50A329B50
                                                  Malicious:false
                                                  Preview:PK.........I.X6....%..........FeatureActions.txtB..PZ...&...K..E9...(0.p......<a}.9....g.<.D.)9..k@4y..'!....=~.Zk`1J......2.[..)._...,.{FF?.q...;.fL.*...=..1......Z.I.....->.m...%.>`..m.......l.,.s....W.I..TP..u*.;.....P...xx.h..g.l$..M.]I.}..........o..g......Z.L..5..?.B..ZL..x..u...kU.1.P..4.m.W....-Ntf.?..I-/...!.w.9...0./..^%X-....0(..mVP.n..]=.c.r._...A$..<.BW..y..e2.b...K....{j....O..d.x.Z.v.@[.NL.DU|._......1S..p....~Pa.q..>....})$q.H7.,h......m)I......as.<.TW...u.$?......E...y.....@X.....u.@.5.*..UJ..L.ja....0.v..^...Q. (O}k+fw.v.f.z..b.h.FE..<pl..LWZI...*.4#....,.X...`=..b...eV..W.)W*..;.Q,.'x.>..Jq.... .._..T<ea&wo../R.M.2.`rX.F.........E...c:..A.9.7A........4..FT....0..@..wu.JI..Bd.5..B..hw......}.oE.@..N=....Z$.)6.@....s..X...r.........u.%...e.I.g..5.ru.A..:.81.&..."..e._...'....B...e.'..K..`w.C....c6....H..o....?.yn;..~3r..{<..&..vi..n.MG.6..'h...4.V#.P.$...n.../..K...t'.....<.4.o.O..a"xGT.VB...f.E.<e.....G..#....B.w{.

                                                  C:\ProgramData\Lavasoft\Web Companion\Options\PerformedActions.txt

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:JSON data
                                                  Category:dropped
                                                  Size (bytes):193
                                                  Entropy (8bit):3.970103303094881
                                                  Encrypted:false
                                                  SSDEEP:3:N5XBE+XO4wD/zBX7WACXI1AtLGayJ90XOFtq:N5XyUyBXrCXIKsaC0XOFtq
                                                  MD5:46B80C2FE9669E17E0F7DACDC591F572
                                                  SHA1:287856A114BE2B3BFACC9AEA7FD76E6AF3E8AD7F
                                                  SHA-256:1AB88527D3CDA97F445EC23180484124C3394EF050520CF4B5849DD18A5CE172
                                                  SHA-512:CD9005F94161DDBBE5EE6DCEC1E1E987D56A693D1E008E07A58DB8EFEBAEC35FA714D0990B7551F27BF60F32ADAC55B33FF789C14BEAC36EF9834F0F185A15E8
                                                  Malicious:false
                                                  Preview:[.. {.. "Date": "07/22/2024",.. "Features": [.. {.. "Name": "TelemetryShield",.. "Performed": [.. "EnableFFTelemetryShield".. ].. }.. ].. }..]

                                                  C:\ProgramData\Lavasoft\Web Companion\Options\ProfileInfo.txt

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:ASCII text, with no line terminators
                                                  Category:dropped
                                                  Size (bytes):89
                                                  Entropy (8bit):4.637275634746083
                                                  Encrypted:false
                                                  SSDEEP:3:ocALRwWDCHyg4EaKC50HE9jnIgyKKDEg3H:oxtwWDCHhJaZ50HE9b7+DEk
                                                  MD5:27EA5DA0071E5EDE7860296F080CBD73
                                                  SHA1:CF5F4A5F69D2D8A148133D59CBCDDB1B4C79ACDB
                                                  SHA-256:F315C83D4FE3D866F7F6C5A2F27B6FB6278205CD450B9145EB42786F81AD13C6
                                                  SHA-512:1E9FA903CA5B6D4F6A0E5EDB6922961BE778097D93AB9D99F4B974793EEF6DA1A0442434EDF9CC9F474BE72425266F6728282FFBFDA95EF3666C02E37B0613C4
                                                  Malicious:false
                                                  Preview:profile=C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles/24a4ohrz.default-release

                                                  C:\ProgramData\Lavasoft\Web Companion\Options\ServicePartnerInfo.txt

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:JSON data
                                                  Category:dropped
                                                  Size (bytes):174
                                                  Entropy (8bit):4.782361708337133
                                                  Encrypted:false
                                                  SSDEEP:3:YRES0Hv8LzC/EjWb1J8xWWWRRRHjOzRU0HHPMiqm8sCVUAHJmCBNvU5GJM3AEVif:Y4Paz2N3gWWWRdOzRfPvCVbpzbUFwEV+
                                                  MD5:BC0DFA95E38A3378448E2F37DFC3A59F
                                                  SHA1:8B90235E5579721DAD62570E84CE6B1D50F723AC
                                                  SHA-256:DFF486A7E6DA1D6247514186404909F70E728826D67E92B6BCA0B97631617DF0
                                                  SHA-512:31BC53F472ED83476BB7F9FA8FEE000AD26095E5356D28CCAA6C5A7C81CE250E3ED76CC392D89986396A81973689324AF8392005A94E505052F19CC8D796499E
                                                  Malicious:false
                                                  Preview:{"target":"partner","ptag":"AF30FAE38D3","ctid":"CT3334466","date":"22/07/2024 10:51:47","campaign":"","wcyid":"WCYID10150","clidhp":2173312,"clidds":1000871,"default":false}

                                                  C:\ProgramData\Lavasoft\Web Companion\Options\Statistics.txt

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:JSON data
                                                  Category:dropped
                                                  Size (bytes):56
                                                  Entropy (8bit):4.461210672320924
                                                  Encrypted:false
                                                  SSDEEP:3:asLGYC41IAsWS2HWBYn:aqGYC41oVgWun
                                                  MD5:66C75727EAB2F16518C998862B808B86
                                                  SHA1:2DE6A2E83E3AD25F9959C662C8828BFE80A637EE
                                                  SHA-256:10D02EE738EABF8A4496E499844F61D0C0D1B9202B9CAFE5EC726D7F19B1CA8D
                                                  SHA-512:AB2993DB0DA42A86E5D9DCEFB16AC7D70C2E3D16FF376E918B675C24573580D8A6358B5139EF61A063536DDBF69F30802746BEEE168609A4192F10584A9ECC68
                                                  Malicious:false
                                                  Preview:{ "install_id" : "b8e1d0b0-b148-462d-8284-94ec0745b3b4"}

                                                  C:\ProgramData\Lavasoft\Web Companion\Options\UpdateServer.txt

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:JSON data
                                                  Category:dropped
                                                  Size (bytes):26
                                                  Entropy (8bit):3.9312089489103226
                                                  Encrypted:false
                                                  SSDEEP:3:anqFfauvY:a/gY
                                                  MD5:CF85989B75515FF6CBAAA6DD23D3882A
                                                  SHA1:3FBBECBCC28E2D4DE5764388BC544DB47AE9957D
                                                  SHA-256:50E3BD90035CA49B3C57050681449C20953F4EFE5711BF4E02E23F2B63968388
                                                  SHA-512:77AC3FA88B08C136C29B907CB1C9B096EE7F97BDE3EC8D6C9382CA9E74060A065EF9AEFC488A5319E9D1570522056584250BE7ABD5ED582E8B4D16F4143E7527
                                                  Malicious:false
                                                  Preview:{..."platform" : "prod"..}

                                                  C:\ProgramData\Lavasoft\Web Companion\Options\b_search.json

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:JSON data
                                                  Category:dropped
                                                  Size (bytes):700
                                                  Entropy (8bit):4.727166525039482
                                                  Encrypted:false
                                                  SSDEEP:12:YWLSHkawuhTpOPWJn9wuhzVuPWJe9zwuhkPWJECwuhD7PWJGwuhzPWGk+c94GniX:YWLSHk/DOJeQVuOJe9cnOJAs7OJ7oOGn
                                                  MD5:359CCE9C2DF62868BF4096E887993CB7
                                                  SHA1:F3683EE9E7ED5CFC3570D9AAF769EEF6F4FA3A95
                                                  SHA-256:FCD6CEBFE6E9D8BDDF1C4B09771D7D849F2FDC105F991337E45D6AA82F33B627
                                                  SHA-512:A5E99FA8AA18E6A7CEB7CFB0C99DC99B606567AD1DDC3BF5AB81D18502F513A9D96D264552F81508317778216B4A4360D87E96AFF302CC7F7FE1DF92C59A6737
                                                  Malicious:false
                                                  Preview:{"version":9,"engines":[{"id":"google@search.mozilla.orgdefault","_name":"Google","_isAppProvided":true,"_metaData":{}},{"id":"amazondotcom@search.mozilla.orgdefault","_name":"Amazon.com","_isAppProvided":true,"_metaData":{}},{"id":"wikipedia@search.mozilla.orgdefault","_name":"Wikipedia (en)","_isAppProvided":true,"_metaData":{}},{"id":"bing@search.mozilla.orgdefault","_name":"Bing","_isAppProvided":true,"_metaData":{}},{"id":"ddg@search.mozilla.orgdefault","_name":"DuckDuckGo","_isAppProvided":true,"_metaData":{}}],"metaData":{"useSavedOrder":false,"locale":"en-US","region":"default","channel":"release","experiment":"","distroID":"","appDefaultEngineId":"google@search.mozilla.orgdefault"}}

                                                  C:\ProgramData\Lavasoft\Web Companion\Options\install.txt

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:JSON data
                                                  Category:dropped
                                                  Size (bytes):165
                                                  Entropy (8bit):4.170978774397561
                                                  Encrypted:false
                                                  SSDEEP:3:CMNYi8AE0fFitZWylAuCYotZWyRfFom3V/HrHuARNQf5Wy/HTY:CMqzgwAqG3NTu0CF0
                                                  MD5:727E402A775662A0771E0ED1AC80B4ED
                                                  SHA1:544DD01EA94E2E9D5A0543A08EE66A92072D1A3E
                                                  SHA-256:24132B4C745A2BC389BEE7420CBEB8FB56B20BBA2AF9C8CE8C7892D4DD2CFB5F
                                                  SHA-512:9ACED697750817D2F27F9590DA7BA97CB2BF6E602B240AA2F4EB3921C7F7219A5597D1AB088461E7DA0638F727BBE5D911A355B3002F597D55A567549D79C1ED
                                                  Malicious:false
                                                  Preview:{..."homepage" : 0,.. "search" : 0,.. "browserhomepage" : "",.. "browsersearch" : "",.. "installbrowser" : "false",.. "setdefaultbrowser" : "false"..}

                                                  C:\ProgramData\Lavasoft\Web Companion\Options\partner.txt

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:JSON data
                                                  Category:dropped
                                                  Size (bytes):48
                                                  Entropy (8bit):4.371115365169274
                                                  Encrypted:false
                                                  SSDEEP:3:a+R2Hg7mFFHr:a+R2A7mFFL
                                                  MD5:C88F3808F8DAEDBBDB3811F52D13CC44
                                                  SHA1:A3CC291B189ECD5796E7C04B65D22B4716ED6910
                                                  SHA-256:4386AE13EE4D1F0C2801243197A628575CF0B93AFD97025C1121135EB29AB6B1
                                                  SHA-512:E05B64458CFF88526DE2176D0808D37502A26B45E1F827289273172B486F8DDB51F720C9DD5ACBA8242C381DF3787AC708428CA157112A94688A4292D98B14C6
                                                  Malicious:false
                                                  Preview:{..."partner" : "FZ210427",..."campaign" : ""..}

                                                  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion\Frequently Asked Questions.url

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:MS Windows 95 Internet shortcut text (URL=<http://webcompanion.com/faq>), ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):155
                                                  Entropy (8bit):5.033691523270495
                                                  Encrypted:false
                                                  SSDEEP:3:HRAbABGQYm/0AmgDKYKCLJ4ovst1Jj4I5pEIRfT8ZEWVjkRMQ5TdeLHD:HRYFVm/5mg+DCLJlvstf5TLk2deLHD
                                                  MD5:27B7882881492FE3DFC5B7BA2B5D649A
                                                  SHA1:A28581AE5F8ADE293AE052994572BD6654A96563
                                                  SHA-256:69DD17B153805DD6C1FCE8A8EA863DEE80391A6C52961864DD4777EDE991B0B4
                                                  SHA-512:62D18284E0982F379BBE7BFD18E6BFB270D8B8E6617A296A12FF329E5CD5813D5ED50B222B6FD234121C7933972B9AE36A73541E025A28E50562D5CB57F6944F
                                                  Malicious:false
                                                  Preview:[InternetShortcut]..URL=http://webcompanion.com/faq..IconIndex=0..IconFile=C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionIcon.ico..

                                                  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion\Web Companion.lnk

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has command line arguments, Icon number=0, Archive, ctime=Mon Jul 22 09:50:53 2024, mtime=Mon Jul 22 09:51:45 2024, atime=Mon Jul 22 09:50:53 2024, length=9332952, window=hide
                                                  Category:dropped
                                                  Size (bytes):2334
                                                  Entropy (8bit):3.709470987888286
                                                  Encrypted:false
                                                  SSDEEP:48:8Y2lDcCdOGhEQqG5Wl3nMXTdM8ZlfUAdM8ZlqkZM8Zlqx87uWyg:8XlDp2VGo8tU2js87uWy
                                                  MD5:BDD4DE4E610FA479BB4A4793016ABDB7
                                                  SHA1:49CEEE5366B953A416DA15B351C8D5A79D0C77A9
                                                  SHA-256:A05349A6A3550BD72D4621A6C064E787CA834E7357C03B719F50BABDF8FC1D38
                                                  SHA-512:8978C16333BF42AB5116639AA6183E922A937AE3D8CAA8DF9FD8F25812378C3126378F5C51623A2BF8576FAF2B643559060F3367F0C9FB5C36F95FF648678EB3
                                                  Malicious:false
                                                  Preview:L..................F.@.. ....Y..%...`8.%%...?...%....h......................S....P.O. .:i.....+00.../C:\.....................1......XZV..PROGRA~2.........O.I.XZV....................V.........P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.)...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.8.1.7.....Z.1......XZV..Lavasoft..B.......XZV.XZV..............................L.a.v.a.s.o.f.t.....d.1......XfV..WEBCOM~1..L.......XZV.XfV..........................9...W.e.b. .C.o.m.p.a.n.i.o.n.....`.1......X\V..APPLIC~1..H.......XZV.XwV....;.........................A.p.p.l.i.c.a.t.i.o.n.....n.2..h...X[V .WEBCOM~1.EXE..R.......X[V.X[V....V#.....................pq.W.e.b.C.o.m.p.a.n.i.o.n...e.x.e.......y...............-.......x............]il.....C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe....W.e.b. .C.o.m.p.a.n.i.o.n.\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.L.a.v.a.s.o.f.t.\.W.e.b. .C.o.m.p.a.n.i.o.n.\.A.p.p.l.i.c.a.t.i.o.n.\.W.e.b.C.o.m.p.a.n.i.o.n.

                                                  C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_FileZilla_3.67.1_55cbe3f513f91b2ca633c5226c727ff723e4416_d9daa34f_6e40e8ea-a40b-4c70-a8b8-2a73a13ea5bd\Report.wer

                                                  Download File
                                                  Process:C:\Windows\SysWOW64\WerFault.exe
                                                  File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):65536
                                                  Entropy (8bit):1.301322314738945
                                                  Encrypted:false
                                                  SSDEEP:192:EkM3CJwG50Wbkbj49CZaEwzdzuiF1Z24IO8y:/SCJwGaWbkbjHPwBzuiF1Y4IO8y
                                                  MD5:8580733867986BE64A1DD6086AD845DE
                                                  SHA1:20818D42DF0ADB61D91C91C1F71D46E5F88496A6
                                                  SHA-256:22B8BABA224D079FA06B38F96C755848EF9C4E568ED7041E9D0B5B75B0217A3F
                                                  SHA-512:B2E221E45F3B8309052F9DD012918B270D9CB71B9AB428F7C718FF1CACAE2B28881734C32DDF95639749D26EEA011F8B26D3E4D510C442453F601AC388B7EFBA
                                                  Malicious:false
                                                  Preview:..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.A.P.P.C.R.A.S.H.....E.v.e.n.t.T.i.m.e.=.1.3.3.6.6.1.1.9.0.8.6.6.8.2.5.4.2.9.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.6.6.1.1.9.0.8.7.1.2.0.0.4.8.0.....R.e.p.o.r.t.S.t.a.t.u.s.=.6.5.5.4.5.6.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.6.e.4.0.e.8.e.a.-.a.4.0.b.-.4.c.7.0.-.a.8.b.8.-.2.a.7.3.a.1.3.e.a.5.b.d.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.7.1.c.f.c.3.7.d.-.8.f.f.e.-.4.0.7.3.-.b.a.2.b.-.4.1.a.2.d.5.f.b.f.8.8.1.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.F.i.l.e.Z.i.l.l.a._.3...6.7...1._.w.i.n.6.4._.s.p.o.n.s.o.r.e.d.-.s.e.t.u.p...e.x.e.....O.r.i.g.i.n.a.l.F.i.l.e.n.a.m.e.=.F.i.l.e.Z.i.l.l.a._.3...6.7...1._.w.i.n.3.2.-.s.e.t.u.p...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.0.8.7.8.-.0.0.0.1.-.0.0.1.4.-.8.9.4.6.-.2.4.e.e.2.4.d.c.d.a.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.6.3.0.5.9.5.9.3.f.4.5.3.c.2.c.6.1.1.6.3.0.e.4.b.2.d.c.2.5.6.6.5.e.

                                                  C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_FileZilla_3.67.1_a7d39bd21e76c0e123ab695c2fcb1a3cdab88d_d9daa34f_fdbed2e1-2b91-43ac-8441-9af887df1af0\Report.wer

                                                  Download File
                                                  Process:C:\Windows\SysWOW64\WerFault.exe
                                                  File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):65536
                                                  Entropy (8bit):1.3069353024461137
                                                  Encrypted:false
                                                  SSDEEP:192:txgKQTC/wGe0Wbkbj49CZaEwzdzuiF4Z24IO8X:txJQTC/wGFWbkbjHPwBzuiF4Y4IO8X
                                                  MD5:160C2C5EEAFF7F22AF8B839E65374184
                                                  SHA1:901D002619C944EEC0E56DC39685C11640BAA9E2
                                                  SHA-256:8E123BFDA1CDF681D5EAB0E985AD16345B69B5FBBDB348CA458028FCFD84F2C3
                                                  SHA-512:D505549D4E1257E2A685D54B152883A6B4D9CB5E0A1A4FF928360D26B3F5C504B423251A5C27585CD339D45AA73B39C4817F2AA7D4D94DC55DC9CA0628AFA68B
                                                  Malicious:false
                                                  Preview:..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.B.E.X.....E.v.e.n.t.T.i.m.e.=.1.3.3.6.6.1.1.9.0.3.6.9.5.1.8.3.4.2.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.6.6.1.1.9.0.3.7.5.1.4.3.2.4.9.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.f.d.b.e.d.2.e.1.-.2.b.9.1.-.4.3.a.c.-.8.4.4.1.-.9.a.f.8.8.7.d.f.1.a.f.0.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.1.d.7.e.1.2.6.3.-.1.c.8.6.-.4.7.9.8.-.9.7.d.9.-.4.3.c.5.7.5.3.1.a.f.8.8.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.F.i.l.e.Z.i.l.l.a._.3...6.7...1._.w.i.n.6.4._.s.p.o.n.s.o.r.e.d.-.s.e.t.u.p...e.x.e.....O.r.i.g.i.n.a.l.F.i.l.e.n.a.m.e.=.F.i.l.e.Z.i.l.l.a._.3...6.7...1._.w.i.n.3.2.-.s.e.t.u.p...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.0.8.7.8.-.0.0.0.1.-.0.0.1.4.-.8.9.4.6.-.2.4.e.e.2.4.d.c.d.a.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.6.3.0.5.9.5.9.3.f.4.5.3.c.2.c.6.1.1.6.3.0.e.4.b.2.d.c.2.5.6.6.5.e.0.0.0.0.0.

                                                  C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_FileZilla_3.67.1_b1d8707dd0e8f07444e01fbbc66cc7db671646f_d9daa34f_9e265d0b-d67d-4520-ac21-f891b6f9980f\Report.wer

                                                  Download File
                                                  Process:C:\Windows\SysWOW64\WerFault.exe
                                                  File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):65536
                                                  Entropy (8bit):1.3070318661172557
                                                  Encrypted:false
                                                  SSDEEP:192:yLCBwGS0Wbkbj49CZaEwzdzuiF4Z24IO8X:mCBwGZWbkbjHPwBzuiF4Y4IO8X
                                                  MD5:BF2332F15EB3E575469C63D98BD79911
                                                  SHA1:5E6F2D3116812F5B7E7D0E3795AADE93C08045B1
                                                  SHA-256:524A488562FCE95561FE860B0B4C055C768B6BEACC70E58C87AA79C3897FC7D0
                                                  SHA-512:3C49648347FB108270BBC239B1441A8ECC17810574C487B27B5181E49344641E2396CF5C59E407C10903C8EF0231F396FD07DFF8617E31BAA83584C5945E4B65
                                                  Malicious:false
                                                  Preview:..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.B.E.X.....E.v.e.n.t.T.i.m.e.=.1.3.3.6.6.1.1.9.0.5.3.2.7.9.6.7.7.7.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.6.6.1.1.9.0.5.3.8.7.3.4.1.9.2.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.9.e.2.6.5.d.0.b.-.d.6.7.d.-.4.5.2.0.-.a.c.2.1.-.f.8.9.1.b.6.f.9.9.8.0.f.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.9.9.f.e.4.b.7.9.-.1.c.5.7.-.4.0.9.a.-.b.b.7.b.-.e.e.1.b.8.0.6.c.a.9.9.7.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.F.i.l.e.Z.i.l.l.a._.3...6.7...1._.w.i.n.6.4._.s.p.o.n.s.o.r.e.d.-.s.e.t.u.p...e.x.e.....O.r.i.g.i.n.a.l.F.i.l.e.n.a.m.e.=.F.i.l.e.Z.i.l.l.a._.3...6.7...1._.w.i.n.3.2.-.s.e.t.u.p...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.0.8.7.8.-.0.0.0.1.-.0.0.1.4.-.8.9.4.6.-.2.4.e.e.2.4.d.c.d.a.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.6.3.0.5.9.5.9.3.f.4.5.3.c.2.c.6.1.1.6.3.0.e.4.b.2.d.c.2.5.6.6.5.e.0.0.0.0.0.

                                                  C:\ProgramData\Microsoft\Windows\WER\Temp\WER3.tmp.txt

                                                  Download File
                                                  Process:C:\Windows\System32\svchost.exe
                                                  File Type:data
                                                  Category:dropped
                                                  Size (bytes):13340
                                                  Entropy (8bit):2.6842056645433012
                                                  Encrypted:false
                                                  SSDEEP:96:TiZYWfVGkBCqYsYiWJMnHHwUYEZ6PqtFi1MFhr2yw6SweTaknYMFZOIRd/3:2ZDHbpUPUmwsaknYMFZZR93
                                                  MD5:57D0BD521FA8F64B8DAD1902568815CE
                                                  SHA1:A300415E368DF106A19054C1ACC31A654E825D64
                                                  SHA-256:9C19F88DA30072F4FD7746699AD2A4E2E96D23D10884E9535D06105DAC8D53F6
                                                  SHA-512:0FD410313B8DCFD5E2CBCE70FCB07C59FEDAFA69DFF27A78269E4F23F27B2AADB93C5C1F95EB63DA0A9F6A9E4BA4880FD910A6B35BE729B4A2C2CFE2E99C5591
                                                  Malicious:false
                                                  Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                  C:\ProgramData\Microsoft\Windows\WER\Temp\WER3DF6.tmp.dmp

                                                  Download File
                                                  Process:C:\Windows\SysWOW64\WerFault.exe
                                                  File Type:Mini DuMP crash report, 15 streams, Mon Jul 22 10:50:53 2024, 0x1205a4 type
                                                  Category:dropped
                                                  Size (bytes):142486
                                                  Entropy (8bit):2.2390418916476
                                                  Encrypted:false
                                                  SSDEEP:768:QisXhgfccXT8WxlzRv2Nb30J4EzetuRYgBf8ymrZS1/ip:1SEljlt+bizeti8tr41
                                                  MD5:07B6C3C6A77973C69016413A453FA286
                                                  SHA1:78CEED1FE05A3F513DED116BFC5C609DB9BDCB04
                                                  SHA-256:99A62E6152CC11EA68FB057F59027D5B56068A90ACF41D179822ACFF28BB62E5
                                                  SHA-512:F7A8A80E6634990EF279B44CBCA00CBD9F90B2D2DF4A17E03C6647630295EF6688ABBB3F99A2961435C3E08F2F3EE15026CCADB9B041877A17B2AA108D717448
                                                  Malicious:false
                                                  Preview:MDMP..a..... ........9.f............D............(..X...........p1...........d..........`.......8...........T...........Pe..F............1...........3..............................................................................eJ......x4......GenuineIntel............T.......x...e9.f.............................0..............,...E.a.s.t.e.r.n. .S.t.a.n.d.a.r.d. .T.i.m.e...........................................E.a.s.t.e.r.n. .S.u.m.m.e.r. .T.i.m.e...............................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.......................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\ProgramData\Microsoft\Windows\WER\Temp\WER3F10.tmp.WERInternalMetadata.xml

                                                  Download File
                                                  Process:C:\Windows\SysWOW64\WerFault.exe
                                                  File Type:XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):8516
                                                  Entropy (8bit):3.6895500380071264
                                                  Encrypted:false
                                                  SSDEEP:192:R6l7wVeJhI6/6YSnSU9IZLQgmfIqpDT89b77lf5Jm:R6lXJ+6/6YiSU9ksgmfID7Zfm
                                                  MD5:E7D1EF81732EF4705F1BEB2B4DBDBB7A
                                                  SHA1:1585E90D1B9A5724EBD2161186E7FE6DD15DB1F6
                                                  SHA-256:9006A42953D39ACB4BF0C9F331591985176882C30996803D2EB5E308B8E7166A
                                                  SHA-512:BFC8B869905A6B6C1932A86DEF7E84FE0C8CE3F210ED21FF137FC84D0AFEEE6894287525166CF8BA9A769C826557D56AC665562DDC769A4153F6979C13CF3DEF
                                                  Malicious:false
                                                  Preview:..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.2.1.6.8.<./.P.i.

                                                  C:\ProgramData\Microsoft\Windows\WER\Temp\WER3F30.tmp.xml

                                                  Download File
                                                  Process:C:\Windows\SysWOW64\WerFault.exe
                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):4918
                                                  Entropy (8bit):4.524611386324279
                                                  Encrypted:false
                                                  SSDEEP:48:cvIwWl8zskJg77aI9YzWpW8VYm5Ym8M4JFenmVFUmse+q8vcnm34zTnhSHSy4d:uIjfiI7GC7VyJAmRKAzTn8yy4d
                                                  MD5:AD2F554D35C69470043E12A3DC497676
                                                  SHA1:88554EDDE82CA7B09CF27504F3C6BB9706AA792A
                                                  SHA-256:CAA2E82ADE1CD6776FCB38ECD662A5A708FE06CB2A00ECB52F18938BE1BE8203
                                                  SHA-512:747C656F27A22A1265451C05DF063F744A0A2F93361933D8EA3EC6E25F2B09D317447DACE930CDFC094EEE1CB55833321710CCB54C72C7726FA8FF9FF0914286
                                                  Malicious:false
                                                  Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="422033" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="409

                                                  C:\ProgramData\Microsoft\Windows\WER\Temp\WER3F40.tmp.csv

                                                  Download File
                                                  Process:C:\Windows\System32\svchost.exe
                                                  File Type:data
                                                  Category:dropped
                                                  Size (bytes):82378
                                                  Entropy (8bit):3.0708943708749854
                                                  Encrypted:false
                                                  SSDEEP:1536:rf1Vr+F2rArY2SpYeDuPCiC4a/Abex4XfIgwnI++j+eq1Mx+W7+:rf1Vr+F2rArY2SpYeDuPCiC4a/Abex4Q
                                                  MD5:257A29FDF5D2DC8452ACD028C3F96936
                                                  SHA1:0AFDEF9C2DA2A49D7177474762F470B6CAE524BF
                                                  SHA-256:7D5C758B9D0BD6545AFAE55CBF9FEE5069596409528B8C4DEC87CDFDCB41EA77
                                                  SHA-512:61F23EE04754316899B486FCDDFEE561AC41395411D7E8DD95B0754D7B3B32073D9BBE693FF1C066AEE9EF91C1B8A8E4F9E37AEBC7FE810D7CFDBE94AE124CA1
                                                  Malicious:false
                                                  Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                  C:\ProgramData\Microsoft\Windows\WER\Temp\WER3FED.tmp.txt

                                                  Download File
                                                  Process:C:\Windows\System32\svchost.exe
                                                  File Type:data
                                                  Category:dropped
                                                  Size (bytes):13340
                                                  Entropy (8bit):2.684316767722754
                                                  Encrypted:false
                                                  SSDEEP:96:TiZYWsvBdodYpYTWI1HQUYEZN5itFiiMdhowI5X2aJngMAZzyPINd/3:2ZDegu85eYaJngMAZzjN93
                                                  MD5:1E69141D5CFB6D4F7EC389AB5297B889
                                                  SHA1:0BE5660C3C4099539B37CBE2006FE656E6BBE1A4
                                                  SHA-256:65D16E1F136659DE1937D1964CF9E8348D82E0F752B9AA080C2951925FC2C0D8
                                                  SHA-512:0D5874285D1B91C1A5DDFF03300BF983BAB4F4453A43A9DBD053EA2C8E98777190E5E5CC72E9F303FD780680B1CF5DA21D7057F6DE1429DDA1F9548A380A1E88
                                                  Malicious:false
                                                  Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                  C:\ProgramData\Microsoft\Windows\WER\Temp\WERC064.tmp.dmp

                                                  Download File
                                                  Process:C:\Windows\SysWOW64\WerFault.exe
                                                  File Type:Mini DuMP crash report, 15 streams, CheckSum 0x00000004, Mon Jul 22 10:51:26 2024, 0x1205a4 type
                                                  Category:dropped
                                                  Size (bytes):17946
                                                  Entropy (8bit):2.9767482325548245
                                                  Encrypted:false
                                                  SSDEEP:192:qMITTrpkZxDgkUt4XDlXrl/OTh2Ee5s9E:BITpkZhUtC2T81s9E
                                                  MD5:2D8046E37FE2982FE132DACA2C16684B
                                                  SHA1:F8AB6DCA27F5A5218D724012F11B88AAC4CB2A4B
                                                  SHA-256:B644B41ADC8B637D0DDD4A550462585E58B44B8B20AC9CEE303957F56F74B341
                                                  SHA-512:B5EAC5055D282A5550A7A2A9D0B6F2D6CAEDBCC9813C16B344461369C5761557402CF376F385280B998864A7648C0DB16B540E89A84680B22588350B55586FBA
                                                  Malicious:false
                                                  Preview:MDMP..a..... ........9.f............4............(..H...........`/..........^A..........`.......8...........T................/...........1..........................................................................................eJ......h2......GenuineIntel............T.......x...e9.f.............................0..............,...E.a.s.t.e.r.n. .S.t.a.n.d.a.r.d. .T.i.m.e...........................................E.a.s.t.e.r.n. .S.u.m.m.e.r. .T.i.m.e...............................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.......................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\ProgramData\Microsoft\Windows\WER\Temp\WERC111.tmp.WERInternalMetadata.xml

                                                  Download File
                                                  Process:C:\Windows\SysWOW64\WerFault.exe
                                                  File Type:XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):8408
                                                  Entropy (8bit):3.687656175037409
                                                  Encrypted:false
                                                  SSDEEP:192:R6l7wVeJfj6iW1Re6YSBSUXZIgmf3qpDs89bQLlfIwm:R6lXJ7626YUSUpIgmf3OQpfG
                                                  MD5:76A3B3EF1B0058237E35842C8CC8EF37
                                                  SHA1:7F68F0164649BD6BC1B4BBEDE8D3932B638C5FC3
                                                  SHA-256:CF43579D3191431F405C5951248CA7A879BC98E173DC4782D74426253083C0E5
                                                  SHA-512:F5B3B29DF69A01AF61FFE3048FBD6F044D4783A138EDC822D3D4845D4D3A66B4BA6AE3F7A702DC386CAD141F9C5C5ACE777FA13D84073097CF871425DDE9D5A3
                                                  Malicious:false
                                                  Preview:..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.2.1.6.8.<./.P.i.

                                                  C:\ProgramData\Microsoft\Windows\WER\Temp\WERC131.tmp.xml

                                                  Download File
                                                  Process:C:\Windows\SysWOW64\WerFault.exe
                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):4817
                                                  Entropy (8bit):4.540535713717573
                                                  Encrypted:false
                                                  SSDEEP:48:cvIwWl8zs5Jg77aI9YzWpW8VY2vYm8M4JFenmWFvvn+q8oDz94zTnhSHSy4d:uIjfLI7GC7VByJOvnozTn8yy4d
                                                  MD5:2F8B3C83B89441F58773289A3039D9E5
                                                  SHA1:483A8EA695DD08A7966FDF1DF158FC8E0127CCF2
                                                  SHA-256:2D92A76FFAE1671CDBAE433805401FB04472669494E72AF193345A27664EA3BB
                                                  SHA-512:4BEA5198FA129528B487992B08BCE53520B77BB456722315F36FF467966874771FC7620FDD3F677EE8D998B62BDC68D61A81A88CB7FADB689CFEE3800B209480
                                                  Malicious:false
                                                  Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="422034" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="409

                                                  C:\ProgramData\Microsoft\Windows\WER\Temp\WERC153.tmp.csv

                                                  Download File
                                                  Process:C:\Windows\System32\svchost.exe
                                                  File Type:data
                                                  Category:dropped
                                                  Size (bytes):81394
                                                  Entropy (8bit):3.0727312401353712
                                                  Encrypted:false
                                                  SSDEEP:1536:RfVfe9dRQqNlWAEbuLDA19iCfZ2heNOq+aK+7VADm+y+xvnoYN+a+kPlJKvn+SGJ:RfVfe9dRQqNlWAEbuLDA19iCfZ2heNOD
                                                  MD5:DB962434C7B7FA516CB193C531AB3568
                                                  SHA1:170C29E2F8142EB7A19A85A214E08E4C70FAA9D1
                                                  SHA-256:9D383ED18F6D8713885AD7A7E6CA9429DCA77EE71D4FC5C59627F80700A37526
                                                  SHA-512:99AF2330601E631E2FA6F8B26CE75E337CC34C09FD3B6EC953E77F3980C37278507EE832CA0C08C5319CB4C69C6049F695B02771DC2AEC722111F4125DCE686B
                                                  Malicious:false
                                                  Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                  C:\ProgramData\Microsoft\Windows\WER\Temp\WERC1D1.tmp.txt

                                                  Download File
                                                  Process:C:\Windows\System32\svchost.exe
                                                  File Type:data
                                                  Category:dropped
                                                  Size (bytes):13340
                                                  Entropy (8bit):2.6852610835881365
                                                  Encrypted:false
                                                  SSDEEP:96:TiZYWxXEmOhLYOY1W0+eHaYEZvNtFi5+YNWwW6dNa6nCp8MHktI5d/3:2ZDxOJ74va6nCp8MHky593
                                                  MD5:2A1BC71B67CB5239D4011D3E91A73B1E
                                                  SHA1:8CDDE5B40508E6F3B277869A79E4C4EFCCF5319B
                                                  SHA-256:961A1CED10D556D4D8216CDD2903B2B1CE0DD5125D0A22BCD48C157AB4E818B9
                                                  SHA-512:CA386777B468EA6EE85E87CADAB8E7CA308F58ED52612BB79552D321AF11DDEE2B2255D2D8EC19BDCA125AE0B05CF90B88285A554987BE71850F9246A9B4D654
                                                  Malicious:false
                                                  Preview:B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

                                                  C:\ProgramData\Microsoft\Windows\WER\Temp\WERFE1E.tmp.dmp

                                                  Download File
                                                  Process:C:\Windows\SysWOW64\WerFault.exe
                                                  File Type:Mini DuMP crash report, 15 streams, Mon Jul 22 10:50:37 2024, 0x1205a4 type
                                                  Category:dropped
                                                  Size (bytes):142206
                                                  Entropy (8bit):2.2334846619945927
                                                  Encrypted:false
                                                  SSDEEP:768:kiKXhgf0tT8tKl9Rvqlhb/0J4EzetuR20pD4xAuQXC:BcE6lTMhbKzet+4xOXC
                                                  MD5:A4F6C11D9051C31D56944A6F5FEDCDF9
                                                  SHA1:F38349F7B45A8B1500B2253966EAF6CCDBD6B209
                                                  SHA-256:0322B14FDB0E04537E3FD10FC427D512C32A8338A382CC0959232C1389FBB3B1
                                                  SHA-512:AE15498BA76B5E34DE9CF5C553EA9410316A47526B2B50A2AACC9F12CD2410D9B09FCE3B7AA01BF690675DF2E92BAD67DDA9868E4AC7A79D3E84D9E54C34EA9C
                                                  Malicious:false
                                                  Preview:MDMP..a..... .......}9.f............D............(..X...........p1......t....d..........`.......8...........T............d...............1...........3..............................................................................eJ......x4......GenuineIntel............T.......x...e9.f.............................0..............,...E.a.s.t.e.r.n. .S.t.a.n.d.a.r.d. .T.i.m.e...........................................E.a.s.t.e.r.n. .S.u.m.m.e.r. .T.i.m.e...............................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.......................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\ProgramData\Microsoft\Windows\WER\Temp\WERFF57.tmp.WERInternalMetadata.xml

                                                  Download File
                                                  Process:C:\Windows\SysWOW64\WerFault.exe
                                                  File Type:XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):8516
                                                  Entropy (8bit):3.688539595115267
                                                  Encrypted:false
                                                  SSDEEP:192:R6l7wVeJh96EK6YSbSU9DZ6gmfcqpr+89bZ7sfdXzm:R6lXJL6J6YeSU9F6gmfcoZAfda
                                                  MD5:6B22A6D324C6ACDCD768DC8B228B46FC
                                                  SHA1:6188105338934A84CE5183B2E08F36202120B9CB
                                                  SHA-256:F958E8FC34B1FA223E89F6C6759D77BC9799E32230AFFE6855B93E108D7A185A
                                                  SHA-512:17A0AEE24E179EB0266EE4266123AB67D7B5440D04D2AD8E3BD994C49FDDAC94F398103ABF777D9873D323FE2D9EFB4EB8424ED15996EA50C45D3F568C10064D
                                                  Malicious:false
                                                  Preview:..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.2.1.6.8.<./.P.i.

                                                  C:\ProgramData\Microsoft\Windows\WER\Temp\WERFF97.tmp.xml

                                                  Download File
                                                  Process:C:\Windows\SysWOW64\WerFault.exe
                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):4918
                                                  Entropy (8bit):4.527031599328088
                                                  Encrypted:false
                                                  SSDEEP:48:cvIwWl8zskJg77aI9YzWpW8VYAYm8M4JFenmpFN7j+q8vcnmb4zTnhSHSy4d:uIjfiI7GC7VsJ5jKczTn8yy4d
                                                  MD5:EBFB73BD00B8B1F25E7F132F72D9BC0D
                                                  SHA1:59E11745EC6C9C455312F767A6656BAA9946DA6F
                                                  SHA-256:43E53C8E0A9C1DCEC5493844C71345F4B31B8089AFA14C01087A99E79FE9EE32
                                                  SHA-512:87C7DCB6DCBA14C99922273E1D41B1EB87D612E024AB96B2BE43F16D3F429341ABDA97C000C71A15408369040395C001AB2B3B0B8E9037FD3D74C2B22A770163
                                                  Malicious:false
                                                  Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="422033" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="409

                                                  C:\ProgramData\Microsoft\Windows\WER\Temp\WERFFA4.tmp.csv

                                                  Download File
                                                  Process:C:\Windows\System32\svchost.exe
                                                  File Type:data
                                                  Category:dropped
                                                  Size (bytes):81836
                                                  Entropy (8bit):3.0703474428834916
                                                  Encrypted:false
                                                  SSDEEP:1536:WfOOLjolLbx2jsCrDuPLX7Vbex4XfIgVpq5v5h:WfOOLjolLbx2jsCrDuPLX7Vbex4XfIgu
                                                  MD5:D73A25D6077F36C65EFB93C6C28167B2
                                                  SHA1:D990015B9C2F0F675842FDB51ABCB169769F73DB
                                                  SHA-256:158BD0D440FB629C9D519FB532CA5ECB7300D5DCD526F5755374F80A6D1CBE33
                                                  SHA-512:C0DF89F82D3F8BC27894101923476D82AEE3226F4C3C9430058217A0FE0E2EF4976A80400D13AD10DBD860C0EE5AF7A42050729CFB1360F2591552C1B92BEA79
                                                  Malicious:false
                                                  Preview:I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

                                                  C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks, 0x1 compression
                                                  Category:dropped
                                                  Size (bytes):71954
                                                  Entropy (8bit):7.996617769952133
                                                  Encrypted:true
                                                  SSDEEP:1536:gc257bHnClJ3v5mnAQEBP+bfnW8Ctl8G1G4eu76NWDdB34w18R5cBWcJAm68+Q:gp2ld5jPqW8LgeulxB3fgcEfDQ
                                                  MD5:49AEBF8CBD62D92AC215B2923FB1B9F5
                                                  SHA1:1723BE06719828DDA65AD804298D0431F6AFF976
                                                  SHA-256:B33EFCB95235B98B48508E019AFA4B7655E80CF071DEFABD8B2123FC8B29307F
                                                  SHA-512:BF86116B015FB56709516D686E168E7C9C68365136231CC51D0B6542AE95323A71D2C7ACEC84AAD7DCECC2E410843F6D82A0A6D51B9ACFC721A9C84FDD877B5B
                                                  Malicious:false
                                                  Preview:MSCF............,...................I..................XaK .authroot.stl.[.i..6..CK..<Tk......4.cl!Kg..E..*Y.f_..".$mR"$.J.E.KB."..rKv.."{.g....3.W.....c..9.s...=....y6#..x..........D......\(.#.s.!.A.......cd.c........+^.ov...n.....3BL..0.......BPUR&.X..02.q...R...J.....w.....b.vy>....-.&..(..oe."."...J9...0U.6J..|U..S.....M.F8g...=.......p...........l.?3.J.x.G.Ep..$g..tj......)v]9(:.)W.8.Op.1Q..:.nPd........7.7..M].V F..g.....12..!7(...B.......h.RZ.......l.<.....6..Z^.`p?... .p.Gp.#.'.X..........|!.8.....".m.49r?.I...g...8.v.....a``.g.R4.i...J8q....NFW,E.6Y....!.o5%.Y.....R..<..S9....r....WO...(.....F..Q=*....-..7d..O(....-..+k.........K..........{Q....Z..j._.E...QZ.~.\.^......N.9.k..O.}dD.b1r...[}/....T..E..G..c.|.c.&>?..^t. ..;..X.d.E.0G....[Q.*,*......#.Dp..L.o|#syc.J............}G-.ou6.=52..XWi=...m.....^u......c..fc?&pR7S5....I...j.G........j.j..Tc.El.....B.pQ.,Bp....j...9g.. >..s..m#.Nb.o_u.M.V...........\#...v..Mo\sF..s....Y...

                                                  C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:data
                                                  Category:dropped
                                                  Size (bytes):328
                                                  Entropy (8bit):3.2478978672539016
                                                  Encrypted:false
                                                  SSDEEP:6:kKXxM99UswD8HGsL+N+SkQlPlEGYRMY9z+4KlDA3RUebT3:PPDImsLNkPlE99SNxAhUe/3
                                                  MD5:70AA8A220291FCE89A6DB2CEB83F9AC4
                                                  SHA1:B8BC43435FC8149F31946FE3CB09B89F08DAFA10
                                                  SHA-256:1F3B9FAEF6763DD0494BEF890187411EF1D007B537918A6B5C0C72FECDDEE4B3
                                                  SHA-512:FB22978519703F65286B5B1D46D02BBFB86E98278CD99AB62C8B1CCB56446E86FA2DB5465894F99CD4CD8DEA4E06165A4620E76DBB7D5FC38F8D63EC7EBDD6DF
                                                  Malicious:false
                                                  Preview:p...... ........N..$...(....................................................... ........G..@.......&......X........h.t.t.p.:././.c.t.l.d.l...w.i.n.d.o.w.s.u.p.d.a.t.e...c.o.m./.m.s.d.o.w.n.l.o.a.d./.u.p.d.a.t.e./.v.3./.s.t.a.t.i.c./.t.r.u.s.t.e.d.r./.e.n./.a.u.t.h.r.o.o.t.s.t.l...c.a.b...".a.7.2.8.2.e.b.4.0.b.1.d.a.1.:.0."...

                                                  C:\Users\user\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.993\4hmdeoq7.newcfg

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):4726
                                                  Entropy (8bit):4.205799712295957
                                                  Encrypted:false
                                                  SSDEEP:96:ZnjAnvlAnbW86MnmV5nNKnAT3noAn0AnRAnQAnTAnwAn3AnfAnWgAnAZ08AnBAnx:9hYIDa
                                                  MD5:3197F06F0A3C212880B1DC2FAF14B8DF
                                                  SHA1:CA63C9CBDECE9D400AD41034D1D4F79145B9C9BC
                                                  SHA-256:3B883366993B0EE53C722279B84CCAC774DEF67ABF9F36857C3D1F4F7F6D1C8D
                                                  SHA-512:3DB42C91BB1CEF8FAF01981E642E320630992AAE4A28989E04BA726A2DD8F8D26762863EAE99AE748D651E62A97A8C86F93946D9C81DDFB337EE8C1302FAD0DF
                                                  Malicious:false
                                                  Preview:<?xml version="1.0" encoding="utf-8"?>..<configuration>.. <userSettings>.. <WebCompanion.UI.Properties.Settings>.. <setting name="RunAtSystemStartup" serializeAs="String">.. <value>True</value>.. </setting>.. <setting name="IsAppRunningForTheFirstTime" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="UpgradeRequired" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="AppHeartbeat" serializeAs="String">.. <value>22.06:51:54</value>.. </setting>.. <setting name="CountryISO" serializeAs="String">.. <value>US</value>.. </setting>.. <setting name="OriginalDefaultBrowserHomePage" serializeAs="String">.. <value>about:home</value>.. </setting>.. <setting name="OriginalDefaultBrowserDefaultSearch" serialize

                                                  C:\Users\user\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.993\61fw9y3f.newcfg

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):2053
                                                  Entropy (8bit):4.231965858593763
                                                  Encrypted:false
                                                  SSDEEP:48:cFGnvQEAnOgnDEAnYGEAn0EAnGmEAnCEAn7EAn8fEAnYJEAnWLEAndocZtXw:ZnvlAn3noAn0AnRAnQAnTAnwAn3AnfAd
                                                  MD5:0F52567FF36EE6655A32219F21B54887
                                                  SHA1:4FB341E09EAF176BC4E2D97F37A9DE5D0C30872E
                                                  SHA-256:89DECCB3A952F09D39DE0A9644CF37FD83AFDB4AB97B52D9E0A9935F8A6ED152
                                                  SHA-512:C44616767F441448CB32E40C3AE9C0F7836A726989424FA9D37C0F40AF8779D8BB0F035B6763E7280063C3BAA500DAC59A3EDF002195960CB85F53C2C9AA8C48
                                                  Malicious:false
                                                  Preview:<?xml version="1.0" encoding="utf-8"?>..<configuration>.. <userSettings>.. <WebCompanion.UI.Properties.Settings>.. <setting name="RunAtSystemStartup" serializeAs="String">.. <value>True</value>.. </setting>.. <setting name="UpgradeRequired" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="ProductVersionType" serializeAs="String">.. <value>Free</value>.. </setting>.. <setting name="IsSearchProtectOn" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="EnableWebBar" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="IsMURLOptOut" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="EnableChromeExtension" serializeAs="String">.. <value>False<

                                                  C:\Users\user\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.993\6cft8oab.newcfg

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):2457
                                                  Entropy (8bit):4.226523945178669
                                                  Encrypted:false
                                                  SSDEEP:48:cFGnyEAnvQEAn8xgOgnDEAnYGEAn0EAnGmEAnCEAn7EAn8fEAnYJEAnWLEAnY/TY:ZnjAnvlAn863noAn0AnRAnQAnTAnwAnS
                                                  MD5:90B67D52FD7AF040ED650E8B69A6F48B
                                                  SHA1:3A0F5CE8C8A30138A3FE4B58DC7C5F0CD5393159
                                                  SHA-256:AA46E83E18AD38BAD44BC70DA9F2C9FDE7B20A1BB3452255920FB1978127BB29
                                                  SHA-512:CD75BD638EB97286F58DB56D069B1BAFE61A853EA56C60F5E6F9F162F67DF131336B2D583FF68200D67D26E44E72441D26DEC9FD765F57728CC02732F2AD2BDA
                                                  Malicious:false
                                                  Preview:<?xml version="1.0" encoding="utf-8"?>..<configuration>.. <userSettings>.. <WebCompanion.UI.Properties.Settings>.. <setting name="RunAtSystemStartup" serializeAs="String">.. <value>True</value>.. </setting>.. <setting name="IsAppRunningForTheFirstTime" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="UpgradeRequired" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="CountryISO" serializeAs="String">.. <value>US</value>.. </setting>.. <setting name="ProductVersionType" serializeAs="String">.. <value>Free</value>.. </setting>.. <setting name="IsSearchProtectOn" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="EnableWebBar" serializeAs="String">.. <value>False

                                                  C:\Users\user\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.993\7ow1d2pn.newcfg

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):4088
                                                  Entropy (8bit):4.233496284905796
                                                  Encrypted:false
                                                  SSDEEP:96:ZnjAnvlAnbW86MnmV5nNKnAT3noAn0AnRAnQAnTAnwAn3AnfAnWgAnAZBAnEoAnD:9hYvD9
                                                  MD5:2955F40E846797D0129D7FAF0A3C1BD9
                                                  SHA1:C106807D9C83EB52CDDCD4408F316ABC50641689
                                                  SHA-256:BA5E43996F00DB31903D52B68CA88F05E0E25475579F2D965E26E8C0235EB18C
                                                  SHA-512:59B007536731F0D7858429BB0C8E33C43806F14C44DAA4CD54136E28D47100871C16A5BA211EE05938A3E008456F3ED2230FEFACDF78B00F83C7A1DBBC7066BA
                                                  Malicious:false
                                                  Preview:<?xml version="1.0" encoding="utf-8"?>..<configuration>.. <userSettings>.. <WebCompanion.UI.Properties.Settings>.. <setting name="RunAtSystemStartup" serializeAs="String">.. <value>True</value>.. </setting>.. <setting name="IsAppRunningForTheFirstTime" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="UpgradeRequired" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="AppHeartbeat" serializeAs="String">.. <value>22.06:51:54</value>.. </setting>.. <setting name="CountryISO" serializeAs="String">.. <value>US</value>.. </setting>.. <setting name="OriginalDefaultBrowserHomePage" serializeAs="String">.. <value>about:home</value>.. </setting>.. <setting name="OriginalDefaultBrowserDefaultSearch" serialize

                                                  C:\Users\user\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.993\bqckjuc8.newcfg

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):4088
                                                  Entropy (8bit):4.233496284905796
                                                  Encrypted:false
                                                  SSDEEP:96:ZnjAnvlAnbW86MnmV5nNKnAT3noAn0AnRAnQAnTAnwAn3AnfAnWgAnAZBAnEoAnD:9hYvD9
                                                  MD5:2955F40E846797D0129D7FAF0A3C1BD9
                                                  SHA1:C106807D9C83EB52CDDCD4408F316ABC50641689
                                                  SHA-256:BA5E43996F00DB31903D52B68CA88F05E0E25475579F2D965E26E8C0235EB18C
                                                  SHA-512:59B007536731F0D7858429BB0C8E33C43806F14C44DAA4CD54136E28D47100871C16A5BA211EE05938A3E008456F3ED2230FEFACDF78B00F83C7A1DBBC7066BA
                                                  Malicious:false
                                                  Preview:<?xml version="1.0" encoding="utf-8"?>..<configuration>.. <userSettings>.. <WebCompanion.UI.Properties.Settings>.. <setting name="RunAtSystemStartup" serializeAs="String">.. <value>True</value>.. </setting>.. <setting name="IsAppRunningForTheFirstTime" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="UpgradeRequired" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="AppHeartbeat" serializeAs="String">.. <value>22.06:51:54</value>.. </setting>.. <setting name="CountryISO" serializeAs="String">.. <value>US</value>.. </setting>.. <setting name="OriginalDefaultBrowserHomePage" serializeAs="String">.. <value>about:home</value>.. </setting>.. <setting name="OriginalDefaultBrowserDefaultSearch" serialize

                                                  C:\Users\user\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.993\btqye2cm.newcfg

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):338
                                                  Entropy (8bit):4.593235631150064
                                                  Encrypted:false
                                                  SSDEEP:6:TMVBd1IGnOhrPOYYYAP0RXKRF/+uKpvvvX8PONI3QIT:TMHdGGnOhrOXQEN+uKpvvvXCONI3xT
                                                  MD5:0A35FBAE99F45BC0DCCDB777ECFD0436
                                                  SHA1:65E295FDE91F90D55B107680E060895654FE66E4
                                                  SHA-256:19AF84C48A15820C94367390D58588DDAD8164B0AC4056C258A766C726329550
                                                  SHA-512:DB3A0973A373C039603C750F0F196CBF65553CDDB83739F1942402EAACBE178A775BE87C4B034FEB706830AE69D20158C3E3ECAD8D5D3FEBC45146B487C3C42C
                                                  Malicious:false
                                                  Preview:<?xml version="1.0" encoding="utf-8"?>..<configuration>.. <userSettings>.. <WebCompanion.UI.Properties.Settings>.. <setting name="UpgradeRequired" serializeAs="String">.. <value>False</value>.. </setting>.. </WebCompanion.UI.Properties.Settings>.. </userSettings>..</configuration>

                                                  C:\Users\user\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.993\byfzahw-.newcfg

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):2195
                                                  Entropy (8bit):4.236515040171956
                                                  Encrypted:false
                                                  SSDEEP:48:cFGnvQEAnOgnDEAnYGEAn0EAnGmEAnCEAn7EAn8fEAnYJEAnWLEAnY/TZdocZtXw:ZnvlAn3noAn0AnRAnQAnTAnwAn3AnfAM
                                                  MD5:F0872E1CE6BA3AB5FC6738A8119BDDE6
                                                  SHA1:0B47AC39F7AA40318EEB94295B6674D0E4871649
                                                  SHA-256:C44FBF5C231C32B63719D924863FAAEC8154D192D9DC18A4731D78E629C3B069
                                                  SHA-512:8EF5A5A3FCBCDCDD41FC91572CE5E6C71D13E5E2819FA9A267D017244BFDC17647DFAD6732D1018B499050C4EEB820D324A8583678A2FAA851BD6660554916B4
                                                  Malicious:false
                                                  Preview:<?xml version="1.0" encoding="utf-8"?>..<configuration>.. <userSettings>.. <WebCompanion.UI.Properties.Settings>.. <setting name="RunAtSystemStartup" serializeAs="String">.. <value>True</value>.. </setting>.. <setting name="UpgradeRequired" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="ProductVersionType" serializeAs="String">.. <value>Free</value>.. </setting>.. <setting name="IsSearchProtectOn" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="EnableWebBar" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="IsMURLOptOut" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="EnableChromeExtension" serializeAs="String">.. <value>False<

                                                  C:\Users\user\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.993\fsfuuwxl.newcfg

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):3415
                                                  Entropy (8bit):4.2405926657397215
                                                  Encrypted:false
                                                  SSDEEP:96:ZnjAnvlAnbW86MnmV5nNKnA3noAn0AnRAnQAnTAnwAn3AnfAnWgAnAZdoMtw:9hY/M
                                                  MD5:5C0AD129BAC29B3BCD3AB9DB430573F8
                                                  SHA1:127616474938A0B02D0FECF72B9CADA392A48C3E
                                                  SHA-256:C39F6CAAB8891672E5E4E0F6B84AB24DA0981277DED6A0EB14E6B7607FF273BC
                                                  SHA-512:022A4442D4244BB527CE4DF57B3C0E3F2E111CEA2688FB6C8D0C5C6C874A80BDCF0C3B952C4E89D81B32161B80705C6C74C87849A6E46F28A4D0C6565A2F0DA0
                                                  Malicious:false
                                                  Preview:<?xml version="1.0" encoding="utf-8"?>..<configuration>.. <userSettings>.. <WebCompanion.UI.Properties.Settings>.. <setting name="RunAtSystemStartup" serializeAs="String">.. <value>True</value>.. </setting>.. <setting name="IsAppRunningForTheFirstTime" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="UpgradeRequired" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="AppHeartbeat" serializeAs="String">.. <value>22.06:51:54</value>.. </setting>.. <setting name="CountryISO" serializeAs="String">.. <value>US</value>.. </setting>.. <setting name="OriginalDefaultBrowserHomePage" serializeAs="String">.. <value>about:home</value>.. </setting>.. <setting name="OriginalDefaultBrowserDefaultSearch" serialize

                                                  C:\Users\user\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.993\fzgdzweo.newcfg

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):1791
                                                  Entropy (8bit):4.2508682175591055
                                                  Encrypted:false
                                                  SSDEEP:48:cjQEAnOgnDEAnYGEAn0EAnGmEAnCEAn7EAn8fEAnYJEAnWLEAntXw:8lAn3noAn0AnRAnQAnTAnwAn3AnfAnWM
                                                  MD5:E4308A22084BE6F951AA99648CDBE1C2
                                                  SHA1:DBEF8D6B73E101397816C3ADE09D4F156987A53B
                                                  SHA-256:F96BACBA602816427D078505DEA2B0423BD391313950E8B60258471D7372B446
                                                  SHA-512:8D1AA1380A5623D247FEA0D8E0178CC1DBB61141C7DC45C095930A420A904EFBF7F80F3FEBB5411CB8A152EE12E5E667F6466CF33DE58DCDF89E0199FD959867
                                                  Malicious:false
                                                  Preview:<?xml version="1.0" encoding="utf-8"?>..<configuration>.. <userSettings>.. <WebCompanion.UI.Properties.Settings>.. <setting name="UpgradeRequired" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="ProductVersionType" serializeAs="String">.. <value>Free</value>.. </setting>.. <setting name="IsSearchProtectOn" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="EnableWebBar" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="IsMURLOptOut" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="EnableChromeExtension" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="EnableFirefoxExtension" serializeAs="String">.. <value>F

                                                  C:\Users\user\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.993\jb1ybsx-.newcfg

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):4477
                                                  Entropy (8bit):4.219790643690377
                                                  Encrypted:false
                                                  SSDEEP:96:ZnjAnvlAnbW86MnmV5nNKnAT3noAn0AnRAnQAnTAnwAn3AnfAnWgAnAZ8AnBAnEF:9hY1Dp
                                                  MD5:581F4060F66C9CB2A2FC291F0B3F72FE
                                                  SHA1:1E359EC70F44489DBE1BB99FB4FE9672204BB46A
                                                  SHA-256:21B56FAB12F96AD8024997C5C915C54B8022B8FF9A1744C4313F0DA6A329DFD7
                                                  SHA-512:D776CFE887CAE8C65AD6975682E3DD174EEA91BAC3EB6C9F133227CC17718082CB90FD2D0BD106392CEE989C03815FE7D75C22099F043E078248773710683A3D
                                                  Malicious:false
                                                  Preview:<?xml version="1.0" encoding="utf-8"?>..<configuration>.. <userSettings>.. <WebCompanion.UI.Properties.Settings>.. <setting name="RunAtSystemStartup" serializeAs="String">.. <value>True</value>.. </setting>.. <setting name="IsAppRunningForTheFirstTime" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="UpgradeRequired" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="AppHeartbeat" serializeAs="String">.. <value>22.06:51:54</value>.. </setting>.. <setting name="CountryISO" serializeAs="String">.. <value>US</value>.. </setting>.. <setting name="OriginalDefaultBrowserHomePage" serializeAs="String">.. <value>about:home</value>.. </setting>.. <setting name="OriginalDefaultBrowserDefaultSearch" serialize

                                                  C:\Users\user\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.993\jgybsltc.newcfg

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):3012
                                                  Entropy (8bit):4.245910503799324
                                                  Encrypted:false
                                                  SSDEEP:48:cFGnyEAnvQEAnawW8xgzAnaRLuEAOgnDEAnYGEAn0EAnGmEAnCEAn7EAn8fEAnYs:ZnjAnvlAnbW86MnmA3noAn0AnRAnQAnH
                                                  MD5:41B1C4857C315646855A07086080F414
                                                  SHA1:607D30D7FB31629B2C241EB12A215760E35EDB2B
                                                  SHA-256:ED36880B57386042EE705CAFE8CF43C3AFB3EBBB042D5223BC8278EA465D196D
                                                  SHA-512:6BCBC0D0C2EFC5663828AF170459AAB9B77F1E738AA7700483A42252083EACFF6C6D9C9F4E82A4EC186C15F031BCC6CD0ABEB266A074CF539FF43C9670E84543
                                                  Malicious:false
                                                  Preview:<?xml version="1.0" encoding="utf-8"?>..<configuration>.. <userSettings>.. <WebCompanion.UI.Properties.Settings>.. <setting name="RunAtSystemStartup" serializeAs="String">.. <value>True</value>.. </setting>.. <setting name="IsAppRunningForTheFirstTime" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="UpgradeRequired" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="AppHeartbeat" serializeAs="String">.. <value>22.06:51:54</value>.. </setting>.. <setting name="CountryISO" serializeAs="String">.. <value>US</value>.. </setting>.. <setting name="OriginalDefaultBrowserHomePage" serializeAs="String">.. <value>about:home</value>.. </setting>.. <setting name="OriginalDefaultBrowserDefaultSearch" serialize

                                                  C:\Users\user\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.993\jwhtkrah.newcfg

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):4344
                                                  Entropy (8bit):4.222234903940423
                                                  Encrypted:false
                                                  SSDEEP:96:ZnjAnvlAnbW86MnmV5nNKnAT3noAn0AnRAnQAnTAnwAn3AnfAnWgAnAZ8AnBAnE5:9hY1Dl
                                                  MD5:8318D6F97965BA361390B637E558C825
                                                  SHA1:92C3674C60A12CA7F87FDCD5AF9A7465D36D1C5D
                                                  SHA-256:4D4A995C5F62F32F416D6C4E1EEBB688E118B76858840BCCEE2CF52657730886
                                                  SHA-512:08710BEB4082C4DDCF298ADE50AA6658A3766796C6442154978BEDA08D7D99CFCFE4A90D545FFD15B0CE1B19E71EC1C084F5D75EEF8E1CC5014DC3F54F926657
                                                  Malicious:false
                                                  Preview:<?xml version="1.0" encoding="utf-8"?>..<configuration>.. <userSettings>.. <WebCompanion.UI.Properties.Settings>.. <setting name="RunAtSystemStartup" serializeAs="String">.. <value>True</value>.. </setting>.. <setting name="IsAppRunningForTheFirstTime" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="UpgradeRequired" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="AppHeartbeat" serializeAs="String">.. <value>22.06:51:54</value>.. </setting>.. <setting name="CountryISO" serializeAs="String">.. <value>US</value>.. </setting>.. <setting name="OriginalDefaultBrowserHomePage" serializeAs="String">.. <value>about:home</value>.. </setting>.. <setting name="OriginalDefaultBrowserDefaultSearch" serialize

                                                  C:\Users\user\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.993\lsnzvjxb.newcfg

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):2336
                                                  Entropy (8bit):4.23570027201948
                                                  Encrypted:false
                                                  SSDEEP:48:cFGnyEAnvQEAnOgnDEAnYGEAn0EAnGmEAnCEAn7EAn8fEAnYJEAnWLEAnY/TZdox:ZnjAnvlAn3noAn0AnRAnQAnTAnwAn3Av
                                                  MD5:6C15347458C318ED60377C88EB2DB718
                                                  SHA1:C1A02DB2EADB19E4FF489818037F56626B599A88
                                                  SHA-256:AE3E90CF9A2B00D7510CC83FB4F1D8A4810AF13EEFE7556240E749E5A849F5DA
                                                  SHA-512:DF679C8D98DA443C756CAAD864F8499E92591A3A6503F2CB6C97B20C63C9E228692736DE12FFF1100F5D26FB1076C89897FA235A55926B5C5C402E2A3EADFF84
                                                  Malicious:false
                                                  Preview:<?xml version="1.0" encoding="utf-8"?>..<configuration>.. <userSettings>.. <WebCompanion.UI.Properties.Settings>.. <setting name="RunAtSystemStartup" serializeAs="String">.. <value>True</value>.. </setting>.. <setting name="IsAppRunningForTheFirstTime" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="UpgradeRequired" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="ProductVersionType" serializeAs="String">.. <value>Free</value>.. </setting>.. <setting name="IsSearchProtectOn" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="EnableWebBar" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="IsMURLOptOut" serializeAs="String">.. <value>

                                                  C:\Users\user\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.993\r83m2hbv.newcfg

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):4219
                                                  Entropy (8bit):4.227966306415325
                                                  Encrypted:false
                                                  SSDEEP:96:ZnjAnvlAnbW86MnmV5nNKnAT3noAn0AnRAnQAnTAnwAn3AnfAnWgAnAZBAnEoAno:9hYvD2
                                                  MD5:E60E6CA5E8BE86745A69BC2C4CE272DE
                                                  SHA1:55A8F759A17530A0F0E3F82E645328F48918C996
                                                  SHA-256:13DF5299CC0C16838468404F7A59CF2BEC768FA8F1612EC26C207EFC25258BD8
                                                  SHA-512:4C6E867A431D80B8F2910D09505B26B5F1BC5FBF7B251E406634951216E88A9AEC79C0EA667E3BB0683F6662E0F8401FFCE8F3FFE794E6903724B2B506B91C29
                                                  Malicious:false
                                                  Preview:<?xml version="1.0" encoding="utf-8"?>..<configuration>.. <userSettings>.. <WebCompanion.UI.Properties.Settings>.. <setting name="RunAtSystemStartup" serializeAs="String">.. <value>True</value>.. </setting>.. <setting name="IsAppRunningForTheFirstTime" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="UpgradeRequired" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="AppHeartbeat" serializeAs="String">.. <value>22.06:51:54</value>.. </setting>.. <setting name="CountryISO" serializeAs="String">.. <value>US</value>.. </setting>.. <setting name="OriginalDefaultBrowserHomePage" serializeAs="String">.. <value>about:home</value>.. </setting>.. <setting name="OriginalDefaultBrowserDefaultSearch" serialize

                                                  C:\Users\user\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.993\rr3psadi.newcfg

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):4607
                                                  Entropy (8bit):4.212920355643935
                                                  Encrypted:false
                                                  SSDEEP:96:ZnjAnvlAnbW86MnmV5nNKnAT3noAn0AnRAnQAnTAnwAn3AnfAnWgAnAZ8AnBAnEe:9hY1Da
                                                  MD5:38E80994F129E15D9FAD04F581B7DBE7
                                                  SHA1:893A5BE01D0672E7F76E20999C03AE80E4149F07
                                                  SHA-256:5DCA67855B9F7EFB55AF8C49E31E89315A598CFCEC5AC5F05E3FF10EE2BD0DD0
                                                  SHA-512:5102A802A42CBE33D3C5205A5A462879500446E35CBA1985B35EAC120D6A66D52C34A8C66AB9891EFDD3D11580310417F14AB5A65926FC7EDBA68A82BD7F2D9D
                                                  Malicious:false
                                                  Preview:<?xml version="1.0" encoding="utf-8"?>..<configuration>.. <userSettings>.. <WebCompanion.UI.Properties.Settings>.. <setting name="RunAtSystemStartup" serializeAs="String">.. <value>True</value>.. </setting>.. <setting name="IsAppRunningForTheFirstTime" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="UpgradeRequired" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="AppHeartbeat" serializeAs="String">.. <value>22.06:51:54</value>.. </setting>.. <setting name="CountryISO" serializeAs="String">.. <value>US</value>.. </setting>.. <setting name="OriginalDefaultBrowserHomePage" serializeAs="String">.. <value>about:home</value>.. </setting>.. <setting name="OriginalDefaultBrowserDefaultSearch" serialize

                                                  C:\Users\user\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.993\sr36axag.newcfg

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):4344
                                                  Entropy (8bit):4.221948275833187
                                                  Encrypted:false
                                                  SSDEEP:96:ZnjAnvlAnbW86MnmV5nNKnAT3noAn0AnRAnQAnTAnwAn3AnfAnWgAnAZ8AnBAnE6:9hY1D2
                                                  MD5:969660E9ED1AA1F2094B69DEA24307D3
                                                  SHA1:086A7A227A6E7104CAC62D4FB5984196FC85BAF7
                                                  SHA-256:877E46A990107C36C1D97665BB14468797C31CBA49F46B1E4541AE6265029730
                                                  SHA-512:DDDD6CAEE6A4D3A235E047919E69F714A56DD7BB1333D8AAE128A43271DB388F4EFDC4BE5E7F2D320D1066938C69ABBC180443E185D146EC7535823DBC426EC0
                                                  Malicious:false
                                                  Preview:<?xml version="1.0" encoding="utf-8"?>..<configuration>.. <userSettings>.. <WebCompanion.UI.Properties.Settings>.. <setting name="RunAtSystemStartup" serializeAs="String">.. <value>True</value>.. </setting>.. <setting name="IsAppRunningForTheFirstTime" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="UpgradeRequired" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="AppHeartbeat" serializeAs="String">.. <value>22.06:51:54</value>.. </setting>.. <setting name="CountryISO" serializeAs="String">.. <value>US</value>.. </setting>.. <setting name="OriginalDefaultBrowserHomePage" serializeAs="String">.. <value>about:home</value>.. </setting>.. <setting name="OriginalDefaultBrowserDefaultSearch" serialize

                                                  C:\Users\user\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.993\trpbv8ry.newcfg

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):4219
                                                  Entropy (8bit):4.227966306415325
                                                  Encrypted:false
                                                  SSDEEP:96:ZnjAnvlAnbW86MnmV5nNKnAT3noAn0AnRAnQAnTAnwAn3AnfAnWgAnAZBAnEoAno:9hYvD2
                                                  MD5:E60E6CA5E8BE86745A69BC2C4CE272DE
                                                  SHA1:55A8F759A17530A0F0E3F82E645328F48918C996
                                                  SHA-256:13DF5299CC0C16838468404F7A59CF2BEC768FA8F1612EC26C207EFC25258BD8
                                                  SHA-512:4C6E867A431D80B8F2910D09505B26B5F1BC5FBF7B251E406634951216E88A9AEC79C0EA667E3BB0683F6662E0F8401FFCE8F3FFE794E6903724B2B506B91C29
                                                  Malicious:false
                                                  Preview:<?xml version="1.0" encoding="utf-8"?>..<configuration>.. <userSettings>.. <WebCompanion.UI.Properties.Settings>.. <setting name="RunAtSystemStartup" serializeAs="String">.. <value>True</value>.. </setting>.. <setting name="IsAppRunningForTheFirstTime" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="UpgradeRequired" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="AppHeartbeat" serializeAs="String">.. <value>22.06:51:54</value>.. </setting>.. <setting name="CountryISO" serializeAs="String">.. <value>US</value>.. </setting>.. <setting name="OriginalDefaultBrowserHomePage" serializeAs="String">.. <value>about:home</value>.. </setting>.. <setting name="OriginalDefaultBrowserDefaultSearch" serialize

                                                  C:\Users\user\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.993\user.config (copy)

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):338
                                                  Entropy (8bit):4.593235631150064
                                                  Encrypted:false
                                                  SSDEEP:6:TMVBd1IGnOhrPOYYYAP0RXKRF/+uKpvvvX8PONI3QIT:TMHdGGnOhrOXQEN+uKpvvvXCONI3xT
                                                  MD5:0A35FBAE99F45BC0DCCDB777ECFD0436
                                                  SHA1:65E295FDE91F90D55B107680E060895654FE66E4
                                                  SHA-256:19AF84C48A15820C94367390D58588DDAD8164B0AC4056C258A766C726329550
                                                  SHA-512:DB3A0973A373C039603C750F0F196CBF65553CDDB83739F1942402EAACBE178A775BE87C4B034FEB706830AE69D20158C3E3ECAD8D5D3FEBC45146B487C3C42C
                                                  Malicious:false
                                                  Preview:<?xml version="1.0" encoding="utf-8"?>..<configuration>.. <userSettings>.. <WebCompanion.UI.Properties.Settings>.. <setting name="UpgradeRequired" serializeAs="String">.. <value>False</value>.. </setting>.. </WebCompanion.UI.Properties.Settings>.. </userSettings>..</configuration>

                                                  C:\Users\user\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.993\vjj5cjkg.newcfg

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):4344
                                                  Entropy (8bit):4.221948275833187
                                                  Encrypted:false
                                                  SSDEEP:96:ZnjAnvlAnbW86MnmV5nNKnAT3noAn0AnRAnQAnTAnwAn3AnfAnWgAnAZ8AnBAnE6:9hY1D2
                                                  MD5:969660E9ED1AA1F2094B69DEA24307D3
                                                  SHA1:086A7A227A6E7104CAC62D4FB5984196FC85BAF7
                                                  SHA-256:877E46A990107C36C1D97665BB14468797C31CBA49F46B1E4541AE6265029730
                                                  SHA-512:DDDD6CAEE6A4D3A235E047919E69F714A56DD7BB1333D8AAE128A43271DB388F4EFDC4BE5E7F2D320D1066938C69ABBC180443E185D146EC7535823DBC426EC0
                                                  Malicious:false
                                                  Preview:<?xml version="1.0" encoding="utf-8"?>..<configuration>.. <userSettings>.. <WebCompanion.UI.Properties.Settings>.. <setting name="RunAtSystemStartup" serializeAs="String">.. <value>True</value>.. </setting>.. <setting name="IsAppRunningForTheFirstTime" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="UpgradeRequired" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="AppHeartbeat" serializeAs="String">.. <value>22.06:51:54</value>.. </setting>.. <setting name="CountryISO" serializeAs="String">.. <value>US</value>.. </setting>.. <setting name="OriginalDefaultBrowserHomePage" serializeAs="String">.. <value>about:home</value>.. </setting>.. <setting name="OriginalDefaultBrowserDefaultSearch" serialize

                                                  C:\Users\user\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.993\xdco3gyx.newcfg

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):2883
                                                  Entropy (8bit):4.253800672965366
                                                  Encrypted:false
                                                  SSDEEP:48:cFGnyEAnvQEAnawW8xgzAnaRLOgnDEAnYGEAn0EAnGmEAnCEAn7EAn8fEAnYJEAM:ZnjAnvlAnbW86Mnm3noAn0AnRAnQAnTb
                                                  MD5:BDDFC846BD7DC4EE7D37C188DA14DEFA
                                                  SHA1:252309A1881E40152E98F750792F1261E602E180
                                                  SHA-256:49C76DA84A34142F796733B542A0E4B8F78904DA8671863C26CFBE2169757854
                                                  SHA-512:25169369B5661764919839B3C6ED8C13612DD67CC3D89782905B8CB8FC91BE38E4EC5E64B4228BBD949B3C97B552DD77334B175C7071C2F32186068A1C6FEB1D
                                                  Malicious:false
                                                  Preview:<?xml version="1.0" encoding="utf-8"?>..<configuration>.. <userSettings>.. <WebCompanion.UI.Properties.Settings>.. <setting name="RunAtSystemStartup" serializeAs="String">.. <value>True</value>.. </setting>.. <setting name="IsAppRunningForTheFirstTime" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="UpgradeRequired" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="AppHeartbeat" serializeAs="String">.. <value>22.06:51:54</value>.. </setting>.. <setting name="CountryISO" serializeAs="String">.. <value>US</value>.. </setting>.. <setting name="OriginalDefaultBrowserHomePage" serializeAs="String">.. <value>about:home</value>.. </setting>.. <setting name="OriginalDefaultBrowserDefaultSearch" serialize

                                                  C:\Users\user\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.993\ysb8oayg.newcfg

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):4344
                                                  Entropy (8bit):4.222234903940423
                                                  Encrypted:false
                                                  SSDEEP:96:ZnjAnvlAnbW86MnmV5nNKnAT3noAn0AnRAnQAnTAnwAn3AnfAnWgAnAZ8AnBAnE5:9hY1Dl
                                                  MD5:8318D6F97965BA361390B637E558C825
                                                  SHA1:92C3674C60A12CA7F87FDCD5AF9A7465D36D1C5D
                                                  SHA-256:4D4A995C5F62F32F416D6C4E1EEBB688E118B76858840BCCEE2CF52657730886
                                                  SHA-512:08710BEB4082C4DDCF298ADE50AA6658A3766796C6442154978BEDA08D7D99CFCFE4A90D545FFD15B0CE1B19E71EC1C084F5D75EEF8E1CC5014DC3F54F926657
                                                  Malicious:false
                                                  Preview:<?xml version="1.0" encoding="utf-8"?>..<configuration>.. <userSettings>.. <WebCompanion.UI.Properties.Settings>.. <setting name="RunAtSystemStartup" serializeAs="String">.. <value>True</value>.. </setting>.. <setting name="IsAppRunningForTheFirstTime" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="UpgradeRequired" serializeAs="String">.. <value>False</value>.. </setting>.. <setting name="AppHeartbeat" serializeAs="String">.. <value>22.06:51:54</value>.. </setting>.. <setting name="CountryISO" serializeAs="String">.. <value>US</value>.. </setting>.. <setting name="OriginalDefaultBrowserHomePage" serializeAs="String">.. <value>about:home</value>.. </setting>.. <setting name="OriginalDefaultBrowserDefaultSearch" serialize

                                                  C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\WebCompanion.exe.log

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):2554
                                                  Entropy (8bit):5.353731000979055
                                                  Encrypted:false
                                                  SSDEEP:48:MwQqAdB6ZosoW6Ux+FOKlK2OaQK5sAFfNpK5UXOl7B0K5qb8O9IzoHR3:JQJB6ZosoW6Ux+ng2Z5sAk5Jf5u9IzoB
                                                  MD5:FC622724F865C249298FA6A742C42ED5
                                                  SHA1:D91490C04704D03E280A163D2A8EC1CFF8EC3D56
                                                  SHA-256:205025EC4B358021F878593B07606DAF27918E88DCFFB9190B0DE95A06091CED
                                                  SHA-512:3753D0F10711A3FBCF4949EE24D4C0AE70333FDE5516E2A76C1E84E5ADB1BE2CE78C06A1B67AF4B23689827CDA232519F2F0E954D0C96A48E5F286973906D90D
                                                  Malicious:false
                                                  Preview:1,"fusion","GAC",0..3,"C:\Windows\assembly\NativeImages_v2.0.50727_32\System\bec14584c93014efbc76285c35d1e891\System.ni.dll",0..3,"C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\953f7919ee8eb01854d0f477eb340f30\WindowsBase.ni.dll",0..3,"C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53c9f90d7d1962ac81bca35f27f3b5c6\PresentationCore.ni.dll",0..3,"C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\06983816e9e9c8e14e0c69f787b06c62\System.Core.ni.dll",0..3,"C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f0806a395be5d02c6fb9919cf151da76\PresentationFramework.ni.dll",0..3,"C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\53992d421e2c7ecf6609c62b3510a6f0\System.Configuration.ni.dll",0..3,"C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\74774597e319a738b792e6a6c06d3559\System.Xml.ni.dll",0..2,"System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089",0..2,"System.Runtime.Seriali

                                                  C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\WebCompanion.exe.log

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:CSV text
                                                  Category:dropped
                                                  Size (bytes):226
                                                  Entropy (8bit):5.360398796477698
                                                  Encrypted:false
                                                  SSDEEP:6:Q3La/xw5DLIP12MUAvvR+uTL2ql2ABgTv:Q3La/KDLI4MWuPTAv
                                                  MD5:3A8957C6382192B71471BD14359D0B12
                                                  SHA1:71B96C965B65A051E7E7D10F61BEBD8CCBB88587
                                                  SHA-256:282FBEFDDCFAA0A9DBDEE6E123791FC4B8CB870AE9D450E6394D2ACDA3D8F56D
                                                  SHA-512:76C108641F682F785A97017728ED51565C4F74B61B24E190468E3A2843FCC43615C6C8ABE298750AF238D7A44E97C001E3BE427B49900432F905A7CE114AA9AD
                                                  Malicious:false
                                                  Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..

                                                  C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\ExplorerStartupLog_RunOnce.etl

                                                  Download File
                                                  Process:C:\Windows\System32\runonce.exe
                                                  File Type:data
                                                  Category:dropped
                                                  Size (bytes):24576
                                                  Entropy (8bit):2.1043407759395216
                                                  Encrypted:false
                                                  SSDEEP:384:D+pZ/Ps9C5vt8rcNvd5p6JgNeDkOe+I2OPN3vQLwH42Sk8hKVEMQPRX4z+XM8u7u:Ge
                                                  MD5:24E58F08576CBD08A96080C3D94B0300
                                                  SHA1:7D87FE896DE9640E82095A5D976EE1A59B27BB05
                                                  SHA-256:9564A63251902CDF21DBBEE75F61059B91A8B01B3EBD4B1802E3B3330A394077
                                                  SHA-512:8F95EAE6DED5F62426747E7875F1AD7FA8974847B4EB325AE1AFAB7DFA6956D251C47203CF2EA309004763C65A51DDB0AE1C467CACAA163F48E6C7DCB85418A5
                                                  Malicious:false
                                                  Preview:. ......................................................................................U.8.............. ......eJ......Zr/.%...Zb..............................................,...@.t.z.r.e.s...d.l.l.,.-.1.1.2.......................................................@.t.z.r.e.s...d.l.l.,.-.1.1.1............................................................ud.V...............%...........E.x.p.l.o.r.e.r.S.t.a.r.t.u.p.L.o.g._.R.u.n.O.n.c.e...C.:.\.U.s.e.r.s.\.h.u.b.e.r.t.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.M.i.c.r.o.s.o.f.t.\.W.i.n.d.o.w.s.\.E.x.p.l.o.r.e.r.\.E.x.p.l.o.r.e.r.S.t.a.r.t.u.p.L.o.g._.R.u.n.O.n.c.e...e.t.l.........P.P.........I.9.............................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\WcInstaller[1].exe

                                                  Download File
                                                  Process:C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exe
                                                  File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):565920
                                                  Entropy (8bit):7.672199048109324
                                                  Encrypted:false
                                                  SSDEEP:12288:YG5knZfFKeYDbRpFE7T/W2ktHD/ICRrjkBMgOEuPpi:YG50ZfFK5fREfe2yjQCRrjcjuPpi
                                                  MD5:CA94290A5FB89E0AAACBF01585718B17
                                                  SHA1:4FE5E5E9276824158BD9A08BF5A4759EC3C4926B
                                                  SHA-256:0C1EC6BDA6EC65EF4194D0B812B66972B8AF104F46DBA320A46802531D6B2314
                                                  SHA-512:45CC55D77F41BD94472543D23B16C12B4BB777C9F57CB62C5E7E6BE1D0040A0FDE84C219CA504402FB28F03BD57F57CCBA0D2B9E2330D32A59926B4CCC47F535
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........W..s...s...s..c}...s..Yy...s..w,...s...r./.s..w....s..Yx...s.......s.......s.Zyu...s.Rich..s.................PE..L.....M........../..................H............@.................................}...........................................d....p...q...........o...2...........................................................................................text............................... ..`.rdata...D.......F..................@..@.data...hZ.......2..................@....sxdata......`......................@....rsrc....q...p...r..................@..@........................................................................................................................................................................................................................................................................................................................

                                                  C:\Users\user\AppData\Local\Temp\7zS46E8489B\ICSharpCode.SharpZipLib.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):213720
                                                  Entropy (8bit):5.759316941956961
                                                  Encrypted:false
                                                  SSDEEP:3072:AK1c/KCOAUXk31Vv91GOtJJKuE1iA5mGPB8qd9OTymIpn+64kRAclDwRNG95ZI4m:Ve9OAQsFtJrGPBnmIRZYp
                                                  MD5:E6BB367B7C30C2A892CD2B9A21727547
                                                  SHA1:4F5983CA5266DAADECEF111EDB15D58582687190
                                                  SHA-256:C451F459F3971F2151578E4BA3080B9F25BA8FC2C0BBAEE2C1BF867A27703741
                                                  SHA-512:91FC13EE9344E67C131011DAD8B9C772476B533FB2388C34D34FBF1D24593B8F785CDAC6846FCF9EC7A84B3664339D0C45669E9EE1EE3EC7643F69D8D550A124
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......S...........!......... ........... ........@.. .......................@......_.....@.................................d...W........................2... ....................................................... ............... ..H............text........ ...................... ..`.rsrc...............................@..@.reloc....... ......................@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Users\user\AppData\Local\Temp\7zS46E8489B\Newtonsoft.Json.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):438488
                                                  Entropy (8bit):6.099387465094538
                                                  Encrypted:false
                                                  SSDEEP:6144:jHerwzLkqCG3uKWf4g6tUwoOkErUx5/Rsnaszr0tZDPEaN+YB5+Gon4J:jHerIacuKUtOkESbKQrvB5+CJ
                                                  MD5:2E22312B40CA5093AC2D4C7823BD7F1B
                                                  SHA1:7B29F70F006D40A9F4F387B69D484ACD191DEFC8
                                                  SHA-256:6E5CACEBF3911CDD1B41962C6AA150FFCED3B1D44AE6B64ED18F34005B517ACC
                                                  SHA-512:9F998AD28B9E6F388BAD87C464BEE0718072212AE26C50E0D6D2144ACF9854FC62F833FAC11679A76D52A9DB9F4FF116305F41CB237D9004CF6F1A45A967CE60
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....L.R...........!.....t............... ........... ....................................@.....................................K.......8............~...2..........x................................................ ............... ..H............text....s... ...t.................. ..`.rsrc...8............v..............@..@.reloc...............|..............@..B........................H.......h...................X...P ......................................yK.N...f....i5.#I..xV. ..%BR..^.....t0"..z.%./.G'.j....{...2...k)w...'>.c..P..X.......n...h....E...ex..X/H].R.e.{..;&.-.'....{....*"..}....*V.(x.....(......}....*2.{....oy...*2.{....oz...*B..(....&..(....*...0...........oo........YE....}...............}...n...............n.......I...I...I...I...3...I...X...8D....t......{.....or...o{....ow.....+U..o|.....{.....o....oo...o}.....o....o....t.....o....o..

                                                  C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exe
                                                  File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):468184
                                                  Entropy (8bit):6.484237481783134
                                                  Encrypted:false
                                                  SSDEEP:12288:H9FvkzVw/c/gYwx2b619WA1ENpdscZlwH:fgVw/c/gZAscZlwH
                                                  MD5:80619C0E2165AB0C217D4355461DA07D
                                                  SHA1:5EF814D77A9BE69B0D095E0DF3E5D880FDAC0D78
                                                  SHA-256:73184A675024891B66356A2A93FF31BD4D4CDB129274B77B1BA536A35A62D83C
                                                  SHA-512:8E93D44F6604AED638B6A078CC540D5A88526AD2DBEB8141CC316A6E8AE9016493249F2C2BEA4EAA64CBABCF142585F1E7DA6EFB774FC0969E52F433171A5F1F
                                                  Malicious:true
                                                  Yara Hits:
                                                  • Rule: JoeSecurity_GenericDownloader_1, Description: Yara detected Generic Downloader, Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe, Author: Joe Security
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e.................|...t........... ........@.. .......................@............@.....................................S........q...............2... ......p................................................ ............... ..H............text....z... ...|.................. ..`.rsrc....q.......r...~..............@..@.reloc....... ......................@..B........................H.......h....j...........g................................................~....}.....(......s....}......(....}....*br...p.{....(......(9...*.0..j..........{....rk..po....,.(.....+.(......r}..p(......(......r...p.{....o....o.......(........s.........oP.....z*..........UU......6r...p..(9...*.r...p.....*..{....*"..}....*..{....*"..}....*V.(......(......(....*6r...p..(9...*.0..3........(....( ...,..(.....(.....(!.......s^......oP....z*.........!!......6re..p..(9...*...0..M.......

                                                  C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe.config

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exe
                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):2720
                                                  Entropy (8bit):4.98742519627159
                                                  Encrypted:false
                                                  SSDEEP:48:c5+qM3DmNwAGDo2cCSIn6la86Vr6R841docr7S36Ek+HEkHQB:jV3gUka8arAN3r7s6Ek+HEkH6
                                                  MD5:1103E1618F5BB75851E0F0C753EC8EC5
                                                  SHA1:CBECB3538CAD8585A4B1962098F1B427DC6984B3
                                                  SHA-256:133F4FCE3A299387263F849250CCEE387B137EE3FF36C6B44B4C02328EDFAAF3
                                                  SHA-512:C005F7873896B8B28C228CFC8CB51BF8A0F9BFEF917A6AF5F0FE32DCC7E818FFB48026FD00A13BF30E82A3383765F2500DD709A25806DAA199829991A9FC9725
                                                  Malicious:true
                                                  Preview:<?xml version="1.0" encoding="utf-8"?>..<configuration>.. <configSections>.. <section name="ProdSettings" type="System.Configuration.NameValueSectionHandler"/>.. <section name="StagingSettings" type="System.Configuration.NameValueSectionHandler"/>.. </configSections>.. <ProdSettings>.. <add key="Installer" value="https://wcdownloadercdn.lavasoft.com/9.1.0.993/WebCompanionInstaller-9.1.0.993-prod.exe"/>.. <add key="WebProtectionZip" value="https://rt.webcompanion.com/notifications/download/rt/dci/latest/Webprotection.zip"/>.. <add key="InstallerZip" value="http://wcdownloadercdn.lavasoft.com/9.1.0.993/WebCompanion-9.1.0.993-prod.zip"/>.. </ProdSettings>.. <StagingSettings>.. <add key="Installer" value="https://wcdownloader-qa.lavasoft.com/9.1.0.993/WebCompanionInstaller-9.1.0.993-internal.exe"/>.. <add key="WebProtectionZip" value="https://staging-webcompanion.lavasoft.net/dci/3.0.1.9/Webprotection.zip"/>.. <add key="InstallerZip" value="https://wcdownloader

                                                  C:\Users\user\AppData\Local\Temp\7zS46E8489B\de-DE\WebCompanionInstaller.resources.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):10240
                                                  Entropy (8bit):4.841968989200826
                                                  Encrypted:false
                                                  SSDEEP:192:sV4qrZPdcVt8f2bMpLSpLwvdftwk0d7yF8YplOOoBeRKqBd9uEogll:sV4qrRdcVt8f2wpLS5wvdVCkLpljoBeP
                                                  MD5:CC635544603937E6C0B95528C6174D36
                                                  SHA1:926B8E225E90891BE4353F78E9B6A4F2381599BB
                                                  SHA-256:706A3B4FD8343489EEE470A1E3D1C1065CB5D63B40FD10680286EDEE261D186A
                                                  SHA-512:CBE6140448045393F8A530B62C7F7EF4FACFC4AC4B3961175B9C6C1BF3E3C3E74F2FB2E41F7BF5BAD9555522AA4E19BE16EE3D076CD26170296ECD2A353FC453
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!..... ..........N?... ...@....@.. ....................................@..................................>..S....@.......................`....................................................... ............... ..H............text...T.... ... .................. ..`.rsrc........@......."..............@..@.reloc.......`.......&..............@..B................0?......H........;..d...........P ..C...........................................?..............lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet....E.......PADPADPP)6..).......n.....V ..(`5.........]....}........E(/...-.C.... ...#..S.n....xv.|.-.D...................w#(..X:..o.......V...h...................v..-../.x.EZ....1.N...D|-..... ...?.!..v"..v"..v"..v"..."...'vAw(...2c$Q:

                                                  C:\Users\user\AppData\Local\Temp\7zS46E8489B\en-US\WebCompanionInstaller.resources.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):9216
                                                  Entropy (8bit):4.778835051877665
                                                  Encrypted:false
                                                  SSDEEP:192:l4yy+cVgVxrbslCRp5w4F/QTEUM7YP9HrJxsjVPLukogll:l4yy+cVgVxrQlCRLw4FvgVKRTuE
                                                  MD5:A38A454C58268F7D7E515E05B630FD15
                                                  SHA1:5703538D4E9346E8D9053B8A80F45B4E33DA0A02
                                                  SHA-256:7927D35DB9171A88EA7DF1C2F604B4E139F5E34A661ABF5366BB3EA67E3C9035
                                                  SHA-512:E5597A09B32B64CDDB73239D4E4FA0E60C4B12F412B4EBD7FC032717029868882277D6950B0A44C1D5DE4AB411D03F4549192B6A53EC58830226F1ECE3923124
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!.................;... ...@....@.. ....................................@.................................T;..W....@.......................`....................................................... ............... ..H............text........ ...................... ..`.rsrc........@......................@..@.reloc.......`......."..............@..B.................;......H........7..d...........P .............................................................lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet....C.......PADPADPP)6..).......n.....V ..(`5.........]....}........E(/...-.C.... ...#..S.n....xv.|.-.D...................w#(..X:..o.......V...h...............v..-../.x.EZ..N...D|-..... ...?.!..v"..v"..v"..v"..."...'vAw(...2c$Q:#Uv=..C?

                                                  C:\Users\user\AppData\Local\Temp\7zS46E8489B\es-ES\WebCompanionInstaller.resources.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):10240
                                                  Entropy (8bit):4.726455552698344
                                                  Encrypted:false
                                                  SSDEEP:192:1P4qrZPdcVkvZYbu7hKpSwa8R1XUAPLPgWYVyVSAeuzogll:x4qrRdcVkvZYS7hKMwa8XUAzPpY5ux
                                                  MD5:D3DA635F012FB80108EDA2BC7A28A7E6
                                                  SHA1:4115F44018D40FC24A28EF68057BFB3B0490414C
                                                  SHA-256:4B11F05CFED5E4DB094FEBAD3DDAF7A4C869F70AAAF3C1868A45378700030894
                                                  SHA-512:FFE16BB267B11763DD2D1092DF5662DE077DCEE22B18E5C00E2F94E44BB0CB7CB3708590175FCD676155DC7B3D919DDA907D84BA9D25A8E2CE4F1EA39DC74FE8
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!..... ..........>>... ...@....@.. ....................................@..................................=..K....@.......................`....................................................... ............... ..H............text...D.... ... .................. ..`.rsrc........@......."..............@..@.reloc.......`.......&..............@..B................ >......H........:..d...........P ..<...........................................8..............lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet....E.......PADPADPP)6..).......n.....V ..(`5.........]....}........E(/...-.C.... ...#..S.n....xv.|.-.D...................w#(..X:..o.......V...h...................v..-../.x.EZ....1.N...D|-..... ...?.!..v"..v"..v"..v"..."...'vAw(...2c$Q:

                                                  C:\Users\user\AppData\Local\Temp\7zS46E8489B\fr-CA\WebCompanionInstaller.resources.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):10240
                                                  Entropy (8bit):4.839585977953346
                                                  Encrypted:false
                                                  SSDEEP:192:+4qrZPdcVRVQBbLQX7pMwUHRvgWRU6ioQho1o4eAZuPogll:+4qrRdcVRVQBHQX7SwUHZg6sj0uV
                                                  MD5:F904CB73495C77A898FF604896C06983
                                                  SHA1:C0752BF08DABD594A89D2E810DA3A57AF2793EF3
                                                  SHA-256:51F3A859166B973C0091C64313AFCBE2ADB2AE1E85A630AFB36D4E7EA4D6697B
                                                  SHA-512:8977AB114E5BF0B3CA8B0F433EC03036447B55235F80FA43247C27E20569A3675A7B9405A72051D45F0D84B508BA18A5D11A31CC31328D937E20C19535AB1B93
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!..... ...........?... ...@....@.. ....................................@..................................>..W....@.......................`....................................................... ............... ..H............text...4.... ... .................. ..`.rsrc........@......."..............@..@.reloc.......`.......&..............@..B.................?......H.......p;..d...........P .............................................................lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet....E.......PADPADPP)6..).......n.....V ..(`5.........]....}........E(/...-.C.... ...#..S.n....xv.|.-.D...................w#(..X:..o.......V...h...................v..-../.x.EZ....1.N...D|-..... ...?.!..v"..v"..v"..v"..."...'vAw(...2c$Q:

                                                  C:\Users\user\AppData\Local\Temp\7zS46E8489B\it-IT\WebCompanionInstaller.resources.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):7680
                                                  Entropy (8bit):4.466647098876099
                                                  Encrypted:false
                                                  SSDEEP:96:vCipngp9cqvLcMjJvGWIAvurzPPtK2DhzVYYfNFlRnu/9dqgll:vCipngp9cqT79fePtK2VRfvDuFogll
                                                  MD5:97A2470A5463243ECA160C28BF617607
                                                  SHA1:1916C063D88C4C60AA2E61818244A05FBF26E614
                                                  SHA-256:A03466AF77CD6245AB011128043DED7204E9B4E717DC5BC1A29E7B89A244DE19
                                                  SHA-512:4F8BC9AA8A93E9519D877781EC06CA915639055A70AB791EB61BB3773C2A748FEA282B59C270EC7EECFF590787CF030C22647D814B0E55628148CA3C557AC9E9
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!................^4... ...@....@.. ....................................@..................................4..W....@.......................`....................................................... ............... ..H............text...d.... ...................... ..`.rsrc........@......................@..@.reloc.......`......................@..B................@4......H........0..d...........P ..O...........................................K..............lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet....+.......PADPADPP)6..).........V ......]....}..........-.C.... ...#..S.n....xv.|.-..X:.....V...h...................v..-....1.D|-.. ...?.!..."vAw(...2..C?.9.W.F.^:1;j...p..cv..~...~[...............7...L...2.......................".......

                                                  C:\Users\user\AppData\Local\Temp\7zS46E8489B\ja-JP\WebCompanionInstaller.resources.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):8192
                                                  Entropy (8bit):4.914052885809483
                                                  Encrypted:false
                                                  SSDEEP:96:TJCi04kp2EvvBykfWWz435MIX7I2YaPegPqDmw430zlRtuJ9dqgll:dCi04kp2EXBnOZ39XBi74kzxuDogll
                                                  MD5:5B9E5F2E9C9F380FC0E6C36A65AE8980
                                                  SHA1:36E93C4D7965BB2D464AD4508080807726BBEA66
                                                  SHA-256:3F2824E50E88B92127A94942F9384E5B843C8E99E621E707A155DC7A5AE9AEB8
                                                  SHA-512:B34441FCC2E4B2CB187E0F1EECE60640C60F6F246BA2D8DFC4D67EF817C51319BEAE53BB0A40FFE990ED75B260B903D3A9ACCF0B53A0500A0E5E1D8F1D5FF1F2
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!.................6... ...@....@.. ....................................@.................................86..S....@.......................`....................................................... ............... ..H............text........ ...................... ..`.rsrc........@......................@..@.reloc.......`......................@..B................p6......H........2..d...........P .............................................................lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet....+.......PADPADPP)6..).........V ......]....}..........-.C.... ...#..S.n....xv.|.-..X:.....V...h...................v..-....1.D|-.. ...?.!..."vAw(...2..C?.9.W.F.^:1;j...p..cv..~...~[...............7...L...2.......................".......

                                                  C:\Users\user\AppData\Local\Temp\7zS46E8489B\pt-BR\WebCompanionInstaller.resources.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):8704
                                                  Entropy (8bit):4.687824884426679
                                                  Encrypted:false
                                                  SSDEEP:192:UlmcDiBsbb8inpYfv4DOh9mE/HMuZogll:UlmcDiBsX8inGf6o8uT
                                                  MD5:D75883F958CC8E6F01BA6CA238B9B062
                                                  SHA1:D21467A9C126A11D0B6935B4E21F4C85483AF577
                                                  SHA-256:A258724DA32D945361CE4FBFD3DFA9D40CC574BB5E19BC8106DBBA9549640BB2
                                                  SHA-512:0BC76713698181BF54036B993E9B0D3B0E7D33B3C048766644F84BDA8D99105B02B1B5C42A7F75561066F20CDE330F68DA76DB8CC070ABB4F93707ADAD62CCB8
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!.................8... ...@....@.. ....................................@..................................8..W....@.......................`....................................................... ............... ..H............text........ ...................... ..`.rsrc........@......................@..@.reloc.......`....... ..............@..B.................8......H.......05..d...........P .............................................................lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet....7.......PADPADPP)6..).......n.....V ..(`5.....]....}........E(/...-.C.... ...#..S.n....xv.|.-..X:..o.....V...h...................v..-../.x...1.D|-..... ...?.!..."...'vAw(...2c$Q:..C?.9.W*..Y`..[.F.^:1;j...pg.Jq..cv...w..~...~u.......

                                                  C:\Users\user\AppData\Local\Temp\7zS46E8489B\ru-RU\WebCompanionInstaller.resources.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):10240
                                                  Entropy (8bit):4.99083138053019
                                                  Encrypted:false
                                                  SSDEEP:192:KlmcDiBGb9+oLp1nNddaxbRFaKvisu1Cj1sJ4evucogll:KlmcDiBGp+oLfntalaIip8j1g48u8
                                                  MD5:0B427E896A2D725C74AA971E95F59ADA
                                                  SHA1:E0CD6B8101115977EFA885C77D8CAFCF42E1F56F
                                                  SHA-256:DCD1A941DA556923D91035EB792128EA6A2C14F3E3D52C7390FDA80BBCC81396
                                                  SHA-512:662B71B8C831628E21D83A2BF643143B69D95D9A4505138065918EF211478C735870BCC552539F4D21205EE5C16A39E52C4E45E775A9E8FB79C4D5D21F7C6FB4
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!..... ...........?... ...@....@.. ....................................@.................................`?..K....@.......................`....................................................... ............... ..H............text........ ... .................. ..`.rsrc........@......."..............@..@.reloc.......`.......&..............@..B.................?......H........;..d...........P .............................................................lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet....7.......PADPADPP)6..).......n.....V ..(`5.....]....}........E(/...-.C.... ...#..S.n....xv.|.-..X:..o.....V...h...................v..-../.x...1.D|-..... ...?.!..."...'vAw(...2c$Q:..C?.9.W*..Y`..[.F.^:1;j...pg.Jq..cv...w..~...~u.......

                                                  C:\Users\user\AppData\Local\Temp\7zS46E8489B\tr-TR\WebCompanionInstaller.resources.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):7680
                                                  Entropy (8bit):4.755775398779436
                                                  Encrypted:false
                                                  SSDEEP:96:1bCiAtapiUldvIVaaQo4jvD3WZhWWdurHlR3us9dqgll8:1bCiAtapiUldspl4jvU6juSogll8
                                                  MD5:6E4A42861DBE2BF7933CA69287D0C4B1
                                                  SHA1:CD53A5C33970C37E1ED13B17A7C61D22F7D52AB8
                                                  SHA-256:0D0BB607D963EC6EE3DACAC6947589FD2A2066EDB96F89F0709C32F7120F3AAF
                                                  SHA-512:7A9ACC66D4DBCB774568F4B3F671FE3D072BAAEEF5C091078F5A713F250C297C2FDB7ED0500D04F7076EE6BFBECF49B6886AD924B9F0C200347AD04B47610932
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!................N5... ...@....@.. ....................................@..................................5..K....@.......................`....................................................... ............... ..H............text...T.... ...................... ..`.rsrc........@......................@..@.reloc.......`......................@..B................05......H........1..d...........P ..I...........................................E..............lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet....+.......PADPADPP)6..).........V ......]....}..........-.C.... ...#..S.n....xv.|.-..X:.....V...h...................v..-....1.D|-.. ...?.!..."vAw(...2..C?.9.W.F.^:1;j...p..cv..~...~[...............7...L...2.......................".......

                                                  C:\Users\user\AppData\Local\Temp\7zS46E8489B\zh-CHS\WebCompanionInstaller.resources.dll

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):7168
                                                  Entropy (8bit):4.921691415797547
                                                  Encrypted:false
                                                  SSDEEP:192:aCipxlpiUZWp/ipoNK+zlG9CNkpuXogll:Dipxl8UU5qmlG9C6ud
                                                  MD5:1B6691D38C481CF8261405693434990E
                                                  SHA1:7D7BB443A44A52ED8FE22B500872AD7EC1C8C6D9
                                                  SHA-256:34DDFE9488C90EEE14AE4D22585FEACB496A16F268F1ECE876749422311BD93E
                                                  SHA-512:C013CBFF2FFCE611DDA5B3D9F5B1B546D77F8BBDDDE0C5D1BCDB9C92A19B398289429E5EB879C305EDBA0566F3425A8EA61F636701B4F81047E1A422F47117FB
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}`e...........!.................2... ...@....@.. ....................................@.................................H2..S....@.......................`....................................................... ............... ..H............text........ ...................... ..`.rsrc........@......................@..@.reloc.......`......................@..B.................2......H...........d...........P .............................................................lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet....+.......PADPADPP)6..).........V ......]....}..........-.C.... ...#..S.n....xv.|.-..X:.....V...h...................v..-....1.D|-.. ...?.!..."vAw(...2..C?.9.W.F.^:1;j...p..cv..~...~[...............7...L...2.......................".......

                                                  C:\Users\user\AppData\Local\Temp\CSC299E.tmp

                                                  Download File
                                                  Process:C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
                                                  File Type:MSVC .res
                                                  Category:dropped
                                                  Size (bytes):664
                                                  Entropy (8bit):3.24908027071776
                                                  Encrypted:false
                                                  SSDEEP:12:DXtEki3nmjXAHOa5YAk9aUGiqbiN57FryOqak7YnqqLlPN5z6lq5zE:SNWD3g0NV2akSxPNdOqdE
                                                  MD5:EAD96B0D128BF065F4BE5D4909584851
                                                  SHA1:9F4A700586D992D04AEFF9E8128F85B0ADAF736A
                                                  SHA-256:6575803C0708726A654F15F11A350574F9BDAA26347183D17CDC85EAD4D7489D
                                                  SHA-512:518787BFC94161E39FF816C2FA970E586AA38DB9D74DA26917DBE075075BBBC12F80A86372D2CBFEC922FC989422D175D1FDF62547FBA86441016DC07ABDB8B1
                                                  Malicious:false
                                                  Preview:.... ...........................X...<...............0...........X.4...V.S._.V.E.R.S.I.O.N._.I.N.F.O.............................?...........................D.....V.a.r.F.i.l.e.I.n.f.o.....$.....T.r.a.n.s.l.a.t.i.o.n...............S.t.r.i.n.g.F.i.l.e.I.n.f.o.........0.0.0.0.0.4.b.0...,.....F.i.l.e.D.e.s.c.r.i.p.t.i.o.n..... ...4.....F.i.l.e.V.e.r.s.i.o.n.....9...1...0...9.9.3...<.....I.n.t.e.r.n.a.l.N.a.m.e...r.r.d.1.g.v.m.r...d.l.l.....(.....L.e.g.a.l.C.o.p.y.r.i.g.h.t... ...D.....O.r.i.g.i.n.a.l.F.i.l.e.n.a.m.e...r.r.d.1.g.v.m.r...d.l.l.....8.....P.r.o.d.u.c.t.V.e.r.s.i.o.n...9...1...0...9.9.3...<.....A.s.s.e.m.b.l.y. .V.e.r.s.i.o.n...9...1...0...9.9.3...

                                                  C:\Users\user\AppData\Local\Temp\CSC40B0.tmp

                                                  Download File
                                                  Process:C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
                                                  File Type:MSVC .res
                                                  Category:dropped
                                                  Size (bytes):664
                                                  Entropy (8bit):3.2781670191908883
                                                  Encrypted:false
                                                  SSDEEP:12:DXtEki3nmjXAHOa5YAk9aUGiqbiN57FryNak7YnqqPPN5z6lq5zE:SNWD3g0NVkakSPPNdOqdE
                                                  MD5:290467BAF23D8E7C9F411AF57F594761
                                                  SHA1:1EBEC78780F2740D345D33C7636CC47B480DEA61
                                                  SHA-256:20E44579B9BCB77DFB3C296BD8F047DD55542C44F235DC7AF8CF53C63B32D220
                                                  SHA-512:36D9A3AEB7BA6379FE143591639BE03745950B8A6E58B26413B32DB51E45315E0394A0F35A85D09B940D5AE83D6FD86F3647547EFEC6190F28BAEF0DB0AF5C21
                                                  Malicious:false
                                                  Preview:.... ...........................X...<...............0...........X.4...V.S._.V.E.R.S.I.O.N._.I.N.F.O.............................?...........................D.....V.a.r.F.i.l.e.I.n.f.o.....$.....T.r.a.n.s.l.a.t.i.o.n...............S.t.r.i.n.g.F.i.l.e.I.n.f.o.........0.0.0.0.0.4.b.0...,.....F.i.l.e.D.e.s.c.r.i.p.t.i.o.n..... ...4.....F.i.l.e.V.e.r.s.i.o.n.....9...1...0...9.9.3...<.....I.n.t.e.r.n.a.l.N.a.m.e...i.6.u.w.q.y.h.0...d.l.l.....(.....L.e.g.a.l.C.o.p.y.r.i.g.h.t... ...D.....O.r.i.g.i.n.a.l.F.i.l.e.n.a.m.e...i.6.u.w.q.y.h.0...d.l.l.....8.....P.r.o.d.u.c.t.V.e.r.s.i.o.n...9...1...0...9.9.3...<.....A.s.s.e.m.b.l.y. .V.e.r.s.i.o.n...9...1...0...9.9.3...

                                                  C:\Users\user\AppData\Local\Temp\RES29AE.tmp

                                                  Download File
                                                  Process:C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
                                                  File Type:Intel 80386 COFF object file, not stripped, 3 sections, symbol offset=0x40e, 9 symbols, created Mon Jul 22 10:51:53 2024, 1st section name ".debug$S"
                                                  Category:dropped
                                                  Size (bytes):1204
                                                  Entropy (8bit):3.735355751621784
                                                  Encrypted:false
                                                  SSDEEP:24:HCJ9YGrrkhsSHWUnhKzWD3g0NV2akSxPNdOqdet5r:3GrrTShnhKzdiV2a3Dd7de7r
                                                  MD5:9AB7657A5AEEA367FE03C64AEEC4A32D
                                                  SHA1:C44F40E645C0E4628D089173ADEB28E75DC6C011
                                                  SHA-256:D28B9984E91172805E8240C234033DA1B5E27072026E6C62E1981B3F85801FBC
                                                  SHA-512:9DFCF4E1B44B4843856A0F05620C33A7A69E54F65170C2F789BBA888A99E1EE49E367E8A9B156CF23F1EB3014C9B3599A8C2DB11CAEE92AF8AA9A3D338C1D8DB
                                                  Malicious:false
                                                  Preview:L....9.f.............debug$S............................@..B.rsrc$01........X...T...............@..@.rsrc$02........X...................@..@........0....c:\Users\user\AppData\Local\Temp\CSC299E.tmp.................k....e..]I.XHQ......d...5.......C:\Users\user\AppData\Local\Temp\RES29AE.tmp.+...................'.Microsoft (R) CVTRES...............................................0.......................H.......X...........H.........X.4...V.S._.V.E.R.S.I.O.N._.I.N.F.O.............................?...........................D.....V.a.r.F.i.l.e.I.n.f.o.....$.....T.r.a.n.s.l.a.t.i.o.n...............S.t.r.i.n.g.F.i.l.e.I.n.f.o.........0.0.0.0.0.4.b.0...,.....F.i.l.e.D.e.s.c.r.i.p.t.i.o.n..... ...4.....F.i.l.e.V.e.r.s.i.o.n.....9...1...0...9.9.3...<.....I.n.t.e.r.n.a.l.N.a.m.e...r.r.d.1.g.v.m.r...d.l.l.....(.....L.e.g.a.l.C.o.p.y.r.i.g.h.t... ...D.....O.r.i.g.i.n.a.l.F.i.l.e.n.a.m.e...r.r.d.1.g.v.m.r...d.l.l.....8.....P.r.o.d.u.c.t.V.e.r.s.i.o.n...9...1...0...9.9.3...<.....A.s.s.e.m.b.l.y.

                                                  C:\Users\user\AppData\Local\Temp\RES40C1.tmp

                                                  Download File
                                                  Process:C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
                                                  File Type:Intel 80386 COFF object file, not stripped, 3 sections, symbol offset=0x40e, 9 symbols, created Mon Jul 22 10:51:59 2024, 1st section name ".debug$S"
                                                  Category:dropped
                                                  Size (bytes):1204
                                                  Entropy (8bit):3.7547182574113243
                                                  Encrypted:false
                                                  SSDEEP:24:H4J9YGrrL/kNoSHrUnhKzWD3g0NVkakSPPNdOqdet5r:5GrrLMWSInhKzdiVka3Nd7de7r
                                                  MD5:58DAA5D15BCEDD22DB048B52F8874116
                                                  SHA1:DA8D4D344FA10855BE1B74DB25D44DA0FD16A601
                                                  SHA-256:DA3A7028546CD8610C87E12E9BF7437CEBB2293089B0976F6469C1DD70256CB1
                                                  SHA-512:23B8248B8F08B611728AF2CC82328ABE0AE1F57858DF589B5E976A67EB4D817DFB656F034B7F9571171A0BCE8653544C5BEBA908F8812EE69C3C032FB0F7B605
                                                  Malicious:false
                                                  Preview:L....9.f.............debug$S............................@..B.rsrc$01........X...T...............@..@.rsrc$02........X...................@..@........0....c:\Users\user\AppData\Local\Temp\CSC40B0.tmp...............).g..=.|.A...YGa......d...5.......C:\Users\user\AppData\Local\Temp\RES40C1.tmp.+...................'.Microsoft (R) CVTRES...............................................0.......................H.......X...........H.........X.4...V.S._.V.E.R.S.I.O.N._.I.N.F.O.............................?...........................D.....V.a.r.F.i.l.e.I.n.f.o.....$.....T.r.a.n.s.l.a.t.i.o.n...............S.t.r.i.n.g.F.i.l.e.I.n.f.o.........0.0.0.0.0.4.b.0...,.....F.i.l.e.D.e.s.c.r.i.p.t.i.o.n..... ...4.....F.i.l.e.V.e.r.s.i.o.n.....9...1...0...9.9.3...<.....I.n.t.e.r.n.a.l.N.a.m.e...i.6.u.w.q.y.h.0...d.l.l.....(.....L.e.g.a.l.C.o.p.y.r.i.g.h.t... ...D.....O.r.i.g.i.n.a.l.F.i.l.e.n.a.m.e...i.6.u.w.q.y.h.0...d.l.l.....8.....P.r.o.d.u.c.t.V.e.r.s.i.o.n...9...1...0...9.9.3...<.....A.s.s.e.m.b.l.y.

                                                  C:\Users\user\AppData\Local\Temp\WcInstaller.log

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:ASCII text, with CRLF line terminators
                                                  Category:modified
                                                  Size (bytes):3374
                                                  Entropy (8bit):5.121791220953011
                                                  Encrypted:false
                                                  SSDEEP:48:u0N9ra2nlRD8vTQL78tLI5Kdo6oaNpMn6GH9oxOKdo30pAKpugdQf8VUFR9L2Y2p:NDD8vTDxIXbaNxSEGKdQE0960eMzq
                                                  MD5:4DFFD2E27DE4067479FC7F7DE69E40E0
                                                  SHA1:689E7B65E2807230E8DB652B5594A29965526B21
                                                  SHA-256:60241E8AD97A8A5827CEDE5399FF2617B16FA06DAF556B59FA271AFDC63C8409
                                                  SHA-512:CD60BC6B9067FD88DA7DF96C31FBA925AD71D6623B68C46363EC214C3E6BED6458F191099C38D56F622B984489A50F9247190ECCF0D08FDD43B994D1A9EC9AC0
                                                  Malicious:false
                                                  Preview:Detecting windows culture..22/07/2024 06:50:38 :-> Starting installer 9.1.0.993 with: .\WebCompanionInstaller.exe --partner=FZ210427 --version=9.1.0.993 --silent --partner=FZ210427 --searchenbl, Run as admin: True..SecurityProtocol set to 4032..Preparing for installing Web Companion..22/07/2024 06:50:40 :-> Generating Machine and Install Id .....22/07/2024 06:50:40 :-> Machine Id and Install Id has been generated..22/07/2024 06:50:40 :-> Checking prerequisites .....22/07/2024 06:50:40 :-> Antivirus not detected..22/07/2024 06:50:40 :-> vm_check False..22/07/2024 06:50:40 :-> reg_check :False..22/07/2024 06:50:40 :-> Installed .Net framework is V40..22/07/2024 06:50:40 :-> Prerequisites test has been successfully passed..22/07/2024 06:50:41 :-> Downloading the latest stable version 9.1.0.993.....22/07/2024 06:50:51 :-> The latest stable version of Web Companion has been downloaded: 9.1.0.993..22/07/2024 06:50:51 :-> Extracting C:\Users\user\AppData\Local\Temp\WebCompanion.zip .....22/

                                                  C:\Users\user\AppData\Local\Temp\WebCompanion.zip

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                  Category:dropped
                                                  Size (bytes):12024981
                                                  Entropy (8bit):7.994643967856248
                                                  Encrypted:true
                                                  SSDEEP:196608:RKBQ0t7sYYxBZmozB8HlucNEgvWCcCkxABoEwsOOSTDq/ifdRvtXKwEtWjVE3FML:8BH6Ykmo94tWXC2AoES2WXfvQFMtV
                                                  MD5:6E7457AE3FBD1C47397EB721A83E7C56
                                                  SHA1:B9BB9DE6DE8BFE126ED008314BF5F33A87F4950B
                                                  SHA-256:7E81DABF1B5EFC7A2390F8C6EB4FF3B1E2BCC086C7CD6D2665B10F237E0E5FAB
                                                  SHA-512:EE50D39A126C759AA156A5FB4A07413C0E0B6A88EB864A33615D62BFAD8CD15F61C3294CF8DF380A3921EB797F96A194EE162CC289F18C43B26B47E30A54F3EA
                                                  Malicious:false
                                                  Preview:PK........'-xW.r,-gF...$......Application/7za.exe.yxTE.8|{I.YH'@CX.V[..%CP.4h_.MnCG@DQ..h..... .`'..\[...u..yg....QGY\........{..d.....S.......~.}y...N.:u..S.NU...`......*.k....~.......e..o.`.......[`._..]U..g.s...?..~..J..:.~.s.t.}..q.>}2l.....u.....#.Y..Mt}.......6z......{.:.:.y^KW.]....ys."..Nu.........C.EB..$..P.k......s.(..zN..K.........~+.L....I....T..o...l.m...Yp=.*..#....g.r...<.wg.....zb......QUw..M.:...L...nHN..r...]#..TA.r...vO..5.'.:B]..p}<.lxU... ...6...........?i...o...g..7H...%E_..B...d.... .f.].&I..Q..G.S..x.o.K......../.~...g.Q_..^(..h^...Dq.J\Y2.....&...........Fo`...........}....98E'..Kne+c........._./..o.o.+g.z..M.6.....D.D.^I9..!..0HJ..?h.7..2"U.;...RY..=b..k.^y....0.l...m*...h..9.........f....J-N..KU....HH."......Y...I)8..=s>.)MPH!.L....e...J..`bc(.:.-M=}...v...=..9.:..u.7.X.O...T..%e.)V...rS..s....o...[1.C... ...x7g)P..:............8. .u...lv-a..MB.TyW..D..p$..0.x>..'..K..l./g..U......b{.!_...,....<.....$#zh.e....+.

                                                  C:\Users\user\AppData\Local\Temp\Webprotection.zip

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:Zip archive data, at least v2.0 to extract, compression method=store
                                                  Category:dropped
                                                  Size (bytes):18692270
                                                  Entropy (8bit):7.997923935037799
                                                  Encrypted:true
                                                  SSDEEP:393216:gSxW/3m6UFVh3BBSAKj0OXQqrI9xSD/FtWz3p/CNsnzrsVmY9:gIWu6evB6wlYDtt8dHpY9
                                                  MD5:3D0AC3A6AD22C725B16B8700311B8684
                                                  SHA1:A2C754712DF826F2EB9340D57827E3D86B59780D
                                                  SHA-256:B6E89DA77AC668A93A2EB877A1ECED7398291AF68B97E2B2B6F841A279A8EDCA
                                                  SHA-512:777CE4490CA45664CF0E81FB0155C0839D8C2C14BDEB1DA3914E7C2D86B111D1A232E4622BFBBB37A739DBEBAB6C60B1DBDAE1D309F934DCE7EB615EE282A135
                                                  Malicious:false
                                                  Preview:PK.........6GX................Win32/PK........@a.FK..a3...`/..(...Win32/api-ms-win-core-console-l1-1-0.dll...TSI.P.@......&.."X...QCQ..B..$.."....x(........<.XP.l.H..!Xh.Sn..w...+.6o.....?;;;;./..... ,..~.:.j.X..Vj.L.rf..#.Z...j..p&...a.qhQ.:..b.....'.E`..v.TB.;.A...k...4V.Q.m...5..t.....a.h.....Lz8..5...!.....*cy...@h...$....2.2..a..yGC..TC ,.@.M...d%"D.^.!....2.d..r...wG.. (Hc..:..B.h!...<P.D.(4~.....H......!cGx..;P........G..Z.........s.w.......my..j|..Q;*..%..v<.T}n{w.#.....(.1.."....x...H.1.L$.aRtH..Et....B...t.q..JHH...C...!.1.....!..{-......x.g.F......c.........9........(.A......P..-.A..|.$.8....~.Z. ....|D...V..............e.]..@?D.4.@XH.,m1H..e+.I......DFB..l.....`pX.Hc.i.u..7.j.6.2.:.8.0.%&!}.u..E..,o...\b........y,.b..`.cz......1.l=...&..-d.2.o.u.2^..M.)>_g....e>..:bt.'....dpFx..<B.;9..>.&.....Gc...K.....J.:(AP.x:..A*......G...T..|g..0&...Q.@.<..<..r..<.t..H9.}.i .".H..P=gP.....it...( ..q &..4&..1.d......a!.......6...H..m.O......R...`..lg ...!..

                                                  C:\Users\user\AppData\Local\Temp\i6uwqyh0.0.cs

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):51485
                                                  Entropy (8bit):4.450142408778355
                                                  Encrypted:false
                                                  SSDEEP:384:lyyUbAbPhOLybikYXIrWcZ2ceB8Zqp48yzc8I:lHprY3
                                                  MD5:2C3C7020406F8CC316286450B944E3A1
                                                  SHA1:95BDDE564BA17831E64D3D5FB4F670141074F2EE
                                                  SHA-256:C8DF5FBBBF94C12DAC8CA5811FA6F9D44AF914306E625672A99865307F60E5E9
                                                  SHA-512:95F78FC19B5F3D26F0DD020DDE8DD1E7FB2C081D8F63E82BBDA82F87B1E2F65BFBBE8FA554A646F5E752A9F60339914136E1133D347B544D26D7F09EDE408A85
                                                  Malicious:false
                                                  Preview:.#if _DYNAMIC_XMLSERIALIZER_COMPILATION..[assembly:System.Security.AllowPartiallyTrustedCallers()]..[assembly:System.Security.SecurityTransparent()]..#endif..[assembly:System.Reflection.AssemblyVersionAttribute("9.1.0.993")]..namespace Microsoft.Xml.Serialization.GeneratedAssembly {.... public class XmlSerializationWriterComponentsServiceSoap : System.Xml.Serialization.XmlSerializationWriter {.... public void Write7_GetComponentsInfo(object[] p) {.. WriteStartDocument();.. TopLevelElement();.. int pLength = p.Length;.. WriteStartElement(@"GetComponentsInfo", @"http://tempuri.org/", null, false);.. if (pLength > 0) {.. Write2_ComponentsInfoRequest(@"request", @"http://tempuri.org/", ((global::WebCompanion.UI.NewUpdateService.ComponentsInfoRequest)p[0]), false, false);.. }.. WriteEndElement();.. }.... public void Write8_GetComponentsInfoResponse(object[] p) {..

                                                  C:\Users\user\AppData\Local\Temp\i6uwqyh0.cmdline

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:Unicode text, UTF-8 (with BOM) text, with very long lines (504), with no line terminators
                                                  Category:dropped
                                                  Size (bytes):507
                                                  Entropy (8bit):5.5668113892735525
                                                  Encrypted:false
                                                  SSDEEP:6:pAu+HmFpw+o3kLWuoT7F20+vvR5TLk2dQ2CHhJ23f6+zxscHc9olm14sQPICHhJT:p3rz5YknoT7UNvvfVuidrHc9ow16PA4
                                                  MD5:13C4CF874EE1C4E096BD4B05417AF978
                                                  SHA1:51F94AF501C642B40DDFBB2BFBB164556E204D17
                                                  SHA-256:0E3503EB391B483FEE5FA43DB642D221AF39C2CD4DC4FF63D889237807A17166
                                                  SHA-512:FEB6AC3981450957D1D84624DDC7181BAED1990B86FAED706B708291EC76712F85EF50BE92F9EA773655E68725279434924D5B900CE1C6FD5E48374AA635EEFB
                                                  Malicious:false
                                                  Preview:./t:library /utf8output /R:"C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll" /R:"C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll" /R:"C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll" /R:"C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" /out:"C:\Users\user\AppData\Local\Temp\i6uwqyh0.dll" /debug- /optimize+ /nostdlib /D:_DYNAMIC_XMLSERIALIZER_COMPILATION "C:\Users\user\AppData\Local\Temp\i6uwqyh0.0.cs"

                                                  C:\Users\user\AppData\Local\Temp\i6uwqyh0.dll

                                                  Download File
                                                  Process:C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):32768
                                                  Entropy (8bit):3.434804426435569
                                                  Encrypted:false
                                                  SSDEEP:384:95dcNhNRdeNANtdQN0NudCN3NcMN2dBqNkpqQNjN+eNCFBMNeoekWmQAjwMedKAi:93mbunlaoekWmQpMedhLhg6/Rp7YXD
                                                  MD5:205487A8C95C58308A8C9EDC1F46B4FA
                                                  SHA1:1112280B9259775D20577309A9E1E5F4039EFFCB
                                                  SHA-256:F337A94839E60A7BD951A9EB6CBD4684BA12D6F5B48B387D46A940F181FEBAC3
                                                  SHA-512:B62EC55456CF0CCF4744E7A5E205D6B1158335D6639A062448E16CD712B025FAFAA70959192A6ED7880FB7E24A281870B5524D3E4FAB9D698CC8CD7AC8D5FAFE
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....9.f...........!.....P... .......e... ........@.. ....................................@..................................e..O.................................................................................... ............... ..H............text....F... ...P.................. ..`.rsrc................`..............@..@.reloc...............p..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Users\user\AppData\Local\Temp\i6uwqyh0.out

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:Unicode text, UTF-8 (with BOM) text, with very long lines (619), with CRLF line terminators
                                                  Category:modified
                                                  Size (bytes):1095
                                                  Entropy (8bit):5.560995586090911
                                                  Encrypted:false
                                                  SSDEEP:24:THnzdX2kn8YfsidW1cAtKai3SGzKIMl6I5Dv1rz1NMO1DF1:THt2k8Yf7E1jtKb3xKxl6I5DNz1NMO1b
                                                  MD5:711029C843E093AE7F30CBB5F9185BCF
                                                  SHA1:34EE7A770BA14312AEB93E3BEFD51B81CC379A81
                                                  SHA-256:EBA80BFAAD4E35787225DD565AA59AD7027BAF313CD502D2F4751472414EB037
                                                  SHA-512:931C105C331E57888791BC0582F50E0BB5C89301EAB5B9D376FFBE2344DD41D6BCB2600D57FAA95AF0554F8F212FE3BE2459CE16E074B8024F05227F34E252B6
                                                  Malicious:false
                                                  Preview:.C:\Program Files (x86)\Lavasoft\Web Companion\Application> "C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe" /t:library /utf8output /R:"C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll" /R:"C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll" /R:"C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll" /R:"C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" /out:"C:\Users\user\AppData\Local\Temp\i6uwqyh0.dll" /debug- /optimize+ /nostdlib /D:_DYNAMIC_XMLSERIALIZER_COMPILATION "C:\Users\user\AppData\Local\Temp\i6uwqyh0.0.cs"......Microsoft (R) Visual C# 2005 Compiler version 8.00.50727.9149..for Microsoft (R) Windows (R) 2005 Framework version 2.0.50727..Copyright (C) Microsoft Corporation 2001-2005. All rights reserved.....c:\Users\user\AppData\Local\Temp\i6uwqyh0.0.cs(485,78): warning CS0219: The variable 'a_0' is assigned but its value is never used..c:\Users\user\AppData\Local\Temp\i6uwq

                                                  C:\Users\user\AppData\Local\Temp\nsdF22D.tmp

                                                  Download File
                                                  Process:C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exe
                                                  File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):565920
                                                  Entropy (8bit):7.672199048109324
                                                  Encrypted:false
                                                  SSDEEP:12288:YG5knZfFKeYDbRpFE7T/W2ktHD/ICRrjkBMgOEuPpi:YG50ZfFK5fREfe2yjQCRrjcjuPpi
                                                  MD5:CA94290A5FB89E0AAACBF01585718B17
                                                  SHA1:4FE5E5E9276824158BD9A08BF5A4759EC3C4926B
                                                  SHA-256:0C1EC6BDA6EC65EF4194D0B812B66972B8AF104F46DBA320A46802531D6B2314
                                                  SHA-512:45CC55D77F41BD94472543D23B16C12B4BB777C9F57CB62C5E7E6BE1D0040A0FDE84C219CA504402FB28F03BD57F57CCBA0D2B9E2330D32A59926B4CCC47F535
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........W..s...s...s..c}...s..Yy...s..w,...s...r./.s..w....s..Yx...s.......s.......s.Zyu...s.Rich..s.................PE..L.....M........../..................H............@.................................}...........................................d....p...q...........o...2...........................................................................................text............................... ..`.rdata...D.......F..................@..@.data...hZ.......2..................@....sxdata......`......................@....rsrc....q...p...r..................@..@........................................................................................................................................................................................................................................................................................................................

                                                  C:\Users\user\AppData\Local\Temp\nseDA4F.tmp

                                                  Download File
                                                  Process:C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exe
                                                  File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):539123
                                                  Entropy (8bit):7.65010903981502
                                                  Encrypted:false
                                                  SSDEEP:12288:YG5knZfFKeYDbRpFE7T/W2ktHD/ICRrjkBMgOEM:YG50ZfFK5fREfe2yjQCRrjcjM
                                                  MD5:0B226A256454A497CEC16FBDB8589AD6
                                                  SHA1:F1C1E94E02C291CE9928A9931E1A373A073501B0
                                                  SHA-256:7BB0DCDA856FD5433B5F169E332039F4EB2DCAAF015CF04DD267E980974C23AC
                                                  SHA-512:B3AE80A415AC5032D2A8B572822FF8F8F53262FE44CBD9B2BF233391F4E270F1C06978B09EB3BF5BCDF772E1557ABBCDE1D8B877B84E3A582891CAFDEE29CE53
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........W..s...s...s..c}...s..Yy...s..w,...s...r./.s..w....s..Yx...s.......s.......s.Zyu...s.Rich..s.................PE..L.....M........../..................H............@.................................}...........................................d....p...q...........o...2...........................................................................................text............................... ..`.rdata...D.......F..................@..@.data...hZ.......2..................@....sxdata......`......................@....rsrc....q...p...r..................@..@........................................................................................................................................................................................................................................................................................................................

                                                  C:\Users\user\AppData\Local\Temp\nshA272.tmp

                                                  Download File
                                                  Process:C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exe
                                                  File Type:data
                                                  Category:dropped
                                                  Size (bytes):337842
                                                  Entropy (8bit):4.362392065765342
                                                  Encrypted:false
                                                  SSDEEP:3072:F8anWu1ntrI7kQLTqD6buiS4E2HBlUt3iBwXztFdQGGClCC80:FWxRbH23JXdZb0P0
                                                  MD5:2D0C0A963430E2EBF93271AB93F6DE9E
                                                  SHA1:75868B696E4DDBBFB835FDCF9C5CD5753DF5E328
                                                  SHA-256:45FBD001DE6627F00DFA337748F29F63734AF92DBFD08B7FE4A49575D7D5F70B
                                                  SHA-512:B66E0CD0DCF9B0EE1A9F3333AD3CC2C525F1C08569948F8BF6420B7B62C0876683FC033E2E0F86CF7F8CBD0DF900087079728362AAA8761BAB4218B29CB18DE0
                                                  Malicious:false
                                                  Preview:. ......,...............d,..............0..................................._.......................................g...f...............r...................................................................................................................................................G...J...........3...f.......................................................................m.......................................................................................................................................................................................................(...............................................h...............................................................g...............................................................................................................................j..........."...(.......................................................................................................................J...............................................

                                                  C:\Users\user\AppData\Local\Temp\nsjB408.tmp

                                                  Download File
                                                  Process:C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exe
                                                  File Type:data
                                                  Category:dropped
                                                  Size (bytes):7641
                                                  Entropy (8bit):7.8608874124319845
                                                  Encrypted:false
                                                  SSDEEP:192:rnB9Sx4sZxQVHqUIsg6UVHcyIFl7vTqBLLZR/:8Px8C6UB98dMLLZR/
                                                  MD5:4F0D86B3C8826F9A7337061679996962
                                                  SHA1:E4EE5500CD4F32F6533644386A98867A912B8E11
                                                  SHA-256:6976DB29087733A6A001A189AB9BDA5E3A54480C70E83585226CC652A0C85CFC
                                                  SHA-512:3E74B3CBF057CBAE0893D2C063E41F4315073891167AD67FAAF708A0F2DB74F2341C00AB1FC901647610CDBCD2C925756BDE8DAE3EB0DBD895B2F32672C9909A
                                                  Malicious:false
                                                  Preview:url.https://offers.filezilla-project.org/get.php?offer=2021a.filename.WcInstaller.exe.args.--silent --partner=FZ210427 --searchenbl.skipreg.HKLM.SOFTWARE\Lavasoft\Web Companion.Installed.skipreg.HKCU.SOFTWARE\Lavasoft\Web Companion.Installed.controls.0u.120u.50u.16u.&Accept.0.50u.120u.150u.16u.&Decline.0.label.0u.40u.300u.32u.Adaware Web Companion helps you safely browse the web by blocking malicious sites and phishing scams..0.label.0u.65u.300u.24u.Block malicious threats by installing Adaware Web Companion. Improve my Internet Protection with Adaware Web Companion..0.icon.0u.0u.202.57.6630........7...............PNG........IHDR.......7............IDATx....p.G.......1s......].(.......sl..LgI.0.af>_.3..,...mum...%.l..5..xF.=...M...T..V..X....]..ob.?/...S.....P&..d...m..t.e..6.b..2.Li.z!.....Q.k.+p..e..d../...zm.....q.......7.&.3....2.d.f..Z..W...f..p.l....e..F.../.$...u...&.{....L&.E...i3.8?.....~Q.2[.W...8Y..@MB...}]....`.]w.um(.)...$.G...[~.lq...*ZvM..[..h....:!.k......x

                                                  C:\Users\user\AppData\Local\Temp\nsmA292.tmp\INetC.dll

                                                  Download File
                                                  Process:C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exe
                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):25088
                                                  Entropy (8bit):5.442313325278199
                                                  Encrypted:false
                                                  SSDEEP:384:wv1j9e9dEs+rN+qFLAjNXT37vYnOrvFhSL+ZwcSyekzANZBJ:w1AvEs3HBLzYn29vYh
                                                  MD5:640BFF73A5F8E37B202D911E4749B2E9
                                                  SHA1:9588DD7561AB7DE3BCA392B084BEC91F3521C879
                                                  SHA-256:C1E568E25EC111184DEB1B87CFDA4BFEC529B1ABEAB39B66539D998012F33502
                                                  SHA-512:39C6C358E2B480C8CBEBCC1DA683924C8092FB2947F2DA4A8DF1B0DC1FDDA61003D91D12232A436EC88FF4E0995B7F6EE8C6EFBDCA935EAA984001F7A72FEA0A
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......'9<.cXR.cXR.cXR.D.).jXR.cXS.6XR.D. .`XR.D.(.bXR.D...bXR.D.*.bXR.RichcXR.........................PE..L....I6V...........!.....>...j......ME.......P.......................................................................M..l....E..d.......(.......................T.......................................................d............................text....=.......>.................. ..`.data....V...P.......B..............@....rsrc...(............P..............@..@.reloc..V............Z..............@..B................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Users\user\AppData\Local\Temp\nsmA292.tmp\System.dll

                                                  Download File
                                                  Process:C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exe
                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):12288
                                                  Entropy (8bit):5.805604762622714
                                                  Encrypted:false
                                                  SSDEEP:192:VjHcQ0qWTlt7wi5Aj/lM0sEWD/wtYbBjpNQybC7y+XZv0QPi:B/Qlt7wiij/lMRv/9V4bvr
                                                  MD5:4ADD245D4BA34B04F213409BFE504C07
                                                  SHA1:EF756D6581D70E87D58CC4982E3F4D18E0EA5B09
                                                  SHA-256:9111099EFE9D5C9B391DC132B2FAF0A3851A760D4106D5368E30AC744EB42706
                                                  SHA-512:1BD260CABE5EA3CEFBBC675162F30092AB157893510F45A1B571489E03EBB2903C55F64F89812754D3FE03C8F10012B8078D1261A7E73AC1F87C82F714BCE03D
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......qr*.5.D.5.D.5.D...J.2.D.5.E.!.D.....2.D.a0t.1.D.V1n.4.D..3@.4.D.Rich5.D.........PE..L...S.d...........!....."...........*.......@...............................p............@..........................B.......@..P............................`.......................................................@..X............................text.... .......".................. ..`.rdata..c....@.......&..............@..@.data...x....P.......*..............@....reloc.......`.......,..............@..B................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Users\user\AppData\Local\Temp\nsmA292.tmp\UAC.dll

                                                  Download File
                                                  Process:C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exe
                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):14848
                                                  Entropy (8bit):5.715583967305762
                                                  Encrypted:false
                                                  SSDEEP:192:DiF6v2imI36Op/tGZGfWxdyWHD0I53vLl7WVl8e04IpDlPjs:DGVY6ClGoWxXH75T1WVl83lLs
                                                  MD5:ADB29E6B186DAA765DC750128649B63D
                                                  SHA1:160CBDC4CB0AC2C142D361DF138C537AA7E708C9
                                                  SHA-256:2F7F8FC05DC4FD0D5CDA501B47E4433357E887BBFED7292C028D99C73B52DC08
                                                  SHA-512:B28ADCCCF0C33660FECD6F95F28F11F793DC9988582187617B4C113FB4E6FDAD4CF7694CD8C0300A477E63536456894D119741A940DDA09B7DF3FF0087A7EADA
                                                  Malicious:false
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........#.?NB.lNB.lNB.li..lEB.lNB.l.B.li..lMB.li..lOB.li..lOB.li..lOB.lRichNB.l................PE..L...@.dU...........!.....,...........).......@...............................p.......................................;..<....3..x....P.......................`..........................................................\............................text....+.......,.................. ..`.data...d....@.......0..............@....rsrc........P.......2..............@..@.reloc.......`.......4..............@..B........................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Users\user\AppData\Local\Temp\nsmA292.tmp\UserInfo.dll

                                                  Download File
                                                  Process:C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exe
                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):4096
                                                  Entropy (8bit):3.3417962237544945
                                                  Encrypted:false
                                                  SSDEEP:48:qKYHC+J4apHT1wH8l9QcXygHg0ZShMmj3jkRTbGr7X:5piRzuHOXTA0H6jkRnGr7X
                                                  MD5:D458B8251443536E4A334147E0170E95
                                                  SHA1:BA8D4D580F1BC0BB2EAA8B9B02EE9E91B8B50FC3
                                                  SHA-256:4913D4CCCF84CD0534069107CFF3E8E2F427160CAD841547DB9019310AC86CC7
                                                  SHA-512:6FF523A74C3670B8B5CD92F62DCC6EA50B65A5D0D6E67EE1079BDB8A623B27DD10B9036A41AA8EC928200C85323C1A1F3B5C0948B59C0671DE183617B65A96B1
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......K..................[.........Rich..........................PE..L...T.d...........!................~........ ...............................P............@.........................@"......l ..<............................@..p.................................................... ..L............................text............................... ..`.rdata....... ......................@..@.data...h....0......................@....reloc.......@......................@..B................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exe (copy)

                                                  Download File
                                                  Process:C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exe
                                                  File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):565920
                                                  Entropy (8bit):7.672199048109324
                                                  Encrypted:false
                                                  SSDEEP:12288:YG5knZfFKeYDbRpFE7T/W2ktHD/ICRrjkBMgOEuPpi:YG50ZfFK5fREfe2yjQCRrjcjuPpi
                                                  MD5:CA94290A5FB89E0AAACBF01585718B17
                                                  SHA1:4FE5E5E9276824158BD9A08BF5A4759EC3C4926B
                                                  SHA-256:0C1EC6BDA6EC65EF4194D0B812B66972B8AF104F46DBA320A46802531D6B2314
                                                  SHA-512:45CC55D77F41BD94472543D23B16C12B4BB777C9F57CB62C5E7E6BE1D0040A0FDE84C219CA504402FB28F03BD57F57CCBA0D2B9E2330D32A59926B4CCC47F535
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........W..s...s...s..c}...s..Yy...s..w,...s...r./.s..w....s..Yx...s.......s.......s.Zyu...s.Rich..s.................PE..L.....M........../..................H............@.................................}...........................................d....p...q...........o...2...........................................................................................text............................... ..`.rdata...D.......F..................@..@.data...hZ.......2..................@....sxdata......`......................@....rsrc....q...p...r..................@..@........................................................................................................................................................................................................................................................................................................................

                                                  C:\Users\user\AppData\Local\Temp\nsmA292.tmp\modern-wizard.bmp

                                                  Download File
                                                  Process:C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exe
                                                  File Type:PC bitmap, Windows 3.x format, 164 x 314 x 4, image size 26376, resolution 2834 x 2834 px/m, cbSize 26494, bits offset 118
                                                  Category:dropped
                                                  Size (bytes):26494
                                                  Entropy (8bit):1.9568109962493656
                                                  Encrypted:false
                                                  SSDEEP:24:Qwika6aSaaDaVYoG6abuJsnZs5GhI11BayNXPcDrSsUWcSphsWwlEWqCl6aHAX2x:Qoi47a5G8SddzKFIcsOz3Xz
                                                  MD5:CBE40FD2B1EC96DAEDC65DA172D90022
                                                  SHA1:366C216220AA4329DFF6C485FD0E9B0F4F0A7944
                                                  SHA-256:3AD2DC318056D0A2024AF1804EA741146CFC18CC404649A44610CBF8B2056CF2
                                                  SHA-512:62990CB16E37B6B4EFF6AB03571C3A82DCAA21A1D393C3CB01D81F62287777FB0B4B27F8852B5FA71BC975FEAB5BAA486D33F2C58660210E115DE7E2BD34EA63
                                                  Malicious:false
                                                  Preview:BM~g......v...(.......:............g..................................................................................DDD@@@@DDDDDD@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@DDDDDDDDDD@@@@DDDDDDDDD@@@@@@..DDD....DDDDDD........................................DDDDDDDDDD....DDDDDDDDD........DD@@@@DDDDDD@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@DDDDDDDDD@@@@DDDDDDDDDD@@@@@@D..DD....DDDDDDD......................................DDDDDDDDDD....DDDDDDDDDD......D..D@@@@@DDDDDD@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@DDDDDDDDDD@@@@DDDDDDDDDD@@@@@DDD..D.....DDDDDD......................................DDDDDDDDD.....DDDDDDDDD......DDD..@@@@@DDDDDD@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@DDDDDDDDDD@@@@DDDDDDDDDD@@@@@@DDDD.......DDDDDD.....................................DDDDDDDDDD....DDDDDDDDDD.....DDDDD..@@@@@DDDDDD@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@DDDDDDDDDD@@@@DDDDDDDDD@@@@@@DDDDDD.......DDDDDD....................................DDDDDDDDD....DDDDDDDDDD......DDDDDD..@@@@DDDDDD@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

                                                  C:\Users\user\AppData\Local\Temp\nsmA292.tmp\nsDialogs.dll

                                                  Download File
                                                  Process:C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exe
                                                  File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):9728
                                                  Entropy (8bit):5.158585441954107
                                                  Encrypted:false
                                                  SSDEEP:96:o4Ev02zUu56FcS817eTaXx85qHFcUcxSgB5PKtAtoniJninnt3DVEB3YsNqkzfFc:o4EvCu5e81785qHFcU0PuAw0uyGIFc
                                                  MD5:1D8F01A83DDD259BC339902C1D33C8F1
                                                  SHA1:9F7806AF462C94C39E2EC6CC9C7AD05C44EBA04E
                                                  SHA-256:4B7D17DA290F41EBE244827CC295CE7E580DA2F7E9F7CC3EFC1ABC6898E3C9ED
                                                  SHA-512:28BF647374B4B500A0F3DBCED70C2B256F93940E2B39160512E6E486AC31D1D90945ACECEF578F61B0A501F27C7106B6FFC3DEAB2EC3BFB3D9AF24C9449A1567
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......|..c8O`08O`08O`08Oa0.O`0.@=05O`0llP0=O`0.If09O`0.od09O`0Rich8O`0........PE..L...Q.d...........!.........0......g........0............................................@..........................6..k....0.......p...............................................................................0...............................text............................... ..`.rdata..{....0......................@..@.data...h!...@......................@....rsrc........p....... ..............@..@.reloc..~............"..............@..B................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Users\user\AppData\Local\Temp\nsrBA43.tmp

                                                  Download File
                                                  Process:C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exe
                                                  File Type:MS Windows icon resource - 1 icon, -1x55 with PNG image data, 255 x 55, 8-bit/color RGBA, non-interlaced, 4096 planes
                                                  Category:dropped
                                                  Size (bytes):6630
                                                  Entropy (8bit):7.92313178594869
                                                  Encrypted:false
                                                  SSDEEP:96:kB9Sx4uNZTNLQPdH0BUFTl9W2Vg64/A+V4MfcPtRyB26HwVVl5tZBTwLd:kB9Sx4sZxQVHqUIsg6UVHcyIFl7vTqd
                                                  MD5:387A4D885282D7C89EDF65E76FD490FC
                                                  SHA1:67ED245C8C02E93D6428FD1BB22D26926B2C5CC4
                                                  SHA-256:EAF84352200694DF5DA40FFA71513778A934C0F21ECBDD021776A7E2F5921FF9
                                                  SHA-512:06123EAD2D577E4C2815130CE933D5C267F18A68458B11453B0943340BD0D54C48D652710CE361CDED6FF690141B7C59EBCF20FD30D9DE55EAAFA2D140E38C6B
                                                  Malicious:false
                                                  Preview:.......7...............PNG........IHDR.......7............IDATx....p.G.......1s......].(.......sl..LgI.0.af>_.3..,...mum...%.l..5..xF.=...M...T..V..X....]..ob.?/...S.....P&..d...m..t.e..6.b..2.Li.z!.....Q.k.+p..e..d../...zm.....q.......7.&.3....2.d.f..Z..W...f..p.l....e..F.../.$...u...&.{....L&.E...i3.8?.....~Q.2[.W...8Y..@MB...}]....`.]w.um(.)...$.G...[~.lq...*ZvM..[..h....:!.k......x/..2..."t........O....W6..lnW..JT.f...T.3...u.oI_.`..E.d.?A5G.".....R.d.....&>..-L5.....{.e......g..`:.?..l~......e....ju....D......U.3Y..N..k.,j.dM..W...{..e(Y......~..........h.l.../W.3Y..Uu..5.T3...M.g.....e./#..[...@?hu .....`!..A.!.'1...b|.6..g\.;Y......h..v..;..P..#.\.m........t...{.........a9.._1..V.D..F%.Q..8.2.@....2.Gr..2......(....M6...O.P6.,.Sec........&...../..t`....+n*Ku...Ji.=.........@I.`...<X.#....T..v......g.^....K..n..H-3..6.......&.Q.c...9.l.....1....{.w...8..|....q...(+...]....z.r...D....a..sX7Q..E...n...d....7...p......#.G .. :...mL.e-

                                                  C:\Users\user\AppData\Local\Temp\rrd1gvmr.0.cs

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):45228
                                                  Entropy (8bit):4.591796736148075
                                                  Encrypted:false
                                                  SSDEEP:768:l/dyUS7t8CC/3Vzb8snFV6QCDngq+Rz7gVkWBC3J7kvDJs:lasJ
                                                  MD5:B24C97E1EBE751E3E2A3C681E197618E
                                                  SHA1:25710F9E6E1430B74BCDA50FD0BDCC27EE24A65B
                                                  SHA-256:9C52A89B8CF25473E4FA306F27E9C39E8EA1FF48D8461504C37AA08D32DF5ACF
                                                  SHA-512:4DB1B8C4A42A889CB8D73428DB6F5891E98E0A48A3303FD54D6FF74106AE9C7D454707C5F71517A134BEB8D2AA656E7D85659529A8F987168683D772EBC26040
                                                  Malicious:false
                                                  Preview:.#if _DYNAMIC_XMLSERIALIZER_COMPILATION..[assembly:System.Security.AllowPartiallyTrustedCallers()]..[assembly:System.Security.SecurityTransparent()]..#endif..[assembly:System.Reflection.AssemblyVersionAttribute("9.1.0.993")]..namespace Microsoft.Xml.Serialization.GeneratedAssembly {.... public class XmlSerializationWriterGeoIPServiceSoap : System.Xml.Serialization.XmlSerializationWriter {.... public void Write1_GetCountryNameByISO2(object[] p) {.. WriteStartDocument();.. TopLevelElement();.. int pLength = p.Length;.. WriteStartElement(@"GetCountryNameByISO2", @"http://lavasoft.com/", null, false);.. if (pLength > 0) {.. WriteElementString(@"iso2Code", @"http://lavasoft.com/", ((global::System.String)p[0]));.. }.. WriteEndElement();.. }.... public void Write2_GetLocationResponse(object[] p) {.. WriteStartDocument();.. TopLevelElement();..

                                                  C:\Users\user\AppData\Local\Temp\rrd1gvmr.cmdline

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:Unicode text, UTF-8 (with BOM) text, with very long lines (426), with no line terminators
                                                  Category:dropped
                                                  Size (bytes):429
                                                  Entropy (8bit):5.536165163644782
                                                  Encrypted:false
                                                  SSDEEP:6:pAu+HmkLWuoT7Fpw+o3R5TLk2dQ2CHhJ23ft/zxscHc9olm14sQPICHhJ23ft6n:p3rknoT7z5YfVui1/rHc9ow16PA16
                                                  MD5:7BD9B6B065CC71F5F516BC40AEA465F3
                                                  SHA1:569AFA9E759ECEDBA9C06C77A0E147FD471BF11D
                                                  SHA-256:C586B307F6EEE6B6FF1F9A4A94DD666717DE051E815EAE06EB0F033843D2AD9F
                                                  SHA-512:23877AE25C56C0F37C24C6033ACF65F8BB7EFC3D30D3EE2E02C222FD29514C4E4F1D4FCB225EAA0E55E19012BDDF3AD5BD8AC38610F4F42BA4A50AFF0437D0A7
                                                  Malicious:true
                                                  Preview:./t:library /utf8output /R:"C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll" /R:"C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll" /R:"C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" /out:"C:\Users\user\AppData\Local\Temp\rrd1gvmr.dll" /debug- /optimize+ /nostdlib /D:_DYNAMIC_XMLSERIALIZER_COMPILATION "C:\Users\user\AppData\Local\Temp\rrd1gvmr.0.cs"

                                                  C:\Users\user\AppData\Local\Temp\rrd1gvmr.dll

                                                  Download File
                                                  Process:C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
                                                  File Type:PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):19968
                                                  Entropy (8bit):4.674742161647478
                                                  Encrypted:false
                                                  SSDEEP:192:e/KBHK6DNGgbCB169NIcK0ChFDvrpK1EAmTpfQGFOtFk2lsMX:vBHK2Q7aIcXKFDvrpK1EXdm
                                                  MD5:B2B3658F295AAEBE176E8367193A2F1B
                                                  SHA1:3AF08D6CB8C0205781AE897F35DA32C0DEAF078A
                                                  SHA-256:F25F5EEE8657D8F48C2FD2A86EA56BCE47E3F1D49C68746A7544DB0036AD1681
                                                  SHA-512:4156E29C84687B8CB95A6192B70A82098332C98A56C7BA476BF0AF598EE10440D94ADDA71D454033AB55263B63DB6A70DB2251CF1CC8A5B7CB5D51F1BE0EB08B
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....9.f...........!.....F..........Nd... ........@.. ....................................@..................................d..K.................................................................................... ............... ..H............text...TD... ...F.................. ..`.rsrc................H..............@..@.reloc...............L..............@..B................0d......H........9...*...........................................................0..E........(.....(......i..r...pr+..p..(......1..rU..pr+..p...t....(.....(....*....0..E........(.....(......i..rg..pr+..p..(......1..r...pr+..p...t....(.....(....*....0..E........(.....(......i..r...pr+..p..(......1..r...pr+..p...t....(.....(....*....0..E........(.....(......i..r...pr+..p..(......1..rQ..pr+..p...t....(.....(....*....0..E........(.....(......i..r...pr+..p..(......1..r...pr+..p...t....(..

                                                  C:\Users\user\AppData\Local\Temp\rrd1gvmr.out

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:Unicode text, UTF-8 (with BOM) text, with very long lines (530), with CRLF line terminators
                                                  Category:modified
                                                  Size (bytes):737
                                                  Entropy (8bit):5.586610350545551
                                                  Encrypted:false
                                                  SSDEEP:12:K6SynzR3rknoT7z5YfVui1/rHc9ow16PA1zKai3SGzKIMBj6I5BFR5y:K6nnzdgn8z2fsipW1cAhKai3SGzKIMlS
                                                  MD5:5924A1A588E804BDC43E477461E0202C
                                                  SHA1:F74D6B80FF5D3B5B8097E6FAA276DA6DE3D545BA
                                                  SHA-256:BEBA43C3D5743DA243386D7D53AD0AB19BA1BFB3F21F8CBD69D73669D450C862
                                                  SHA-512:323C790E2142A7B4760BA5D5E83BE899F1AF962794C082F34AF9715DF8C44E028ED50B0312C324EE40B49CDCE914B8B9A4A1A86D1098A25E433E844EE1F18BED
                                                  Malicious:false
                                                  Preview:.C:\Users\user\AppData\Local\Temp\7zS46E8489B> "C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe" /t:library /utf8output /R:"C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll" /R:"C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll" /R:"C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" /out:"C:\Users\user\AppData\Local\Temp\rrd1gvmr.dll" /debug- /optimize+ /nostdlib /D:_DYNAMIC_XMLSERIALIZER_COMPILATION "C:\Users\user\AppData\Local\Temp\rrd1gvmr.0.cs"......Microsoft (R) Visual C# 2005 Compiler version 8.00.50727.9149..for Microsoft (R) Windows (R) 2005 Framework version 2.0.50727..Copyright (C) Microsoft Corporation 2001-2005. All rights reserved.....

                                                  C:\Users\user\AppData\Local\Temp\vcbtw7fm.0.cs

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):51485
                                                  Entropy (8bit):4.450142408778355
                                                  Encrypted:false
                                                  SSDEEP:384:lyyUbAbPhOLybikYXIrWcZ2ceB8Zqp48yzc8I:lHprY3
                                                  MD5:2C3C7020406F8CC316286450B944E3A1
                                                  SHA1:95BDDE564BA17831E64D3D5FB4F670141074F2EE
                                                  SHA-256:C8DF5FBBBF94C12DAC8CA5811FA6F9D44AF914306E625672A99865307F60E5E9
                                                  SHA-512:95F78FC19B5F3D26F0DD020DDE8DD1E7FB2C081D8F63E82BBDA82F87B1E2F65BFBBE8FA554A646F5E752A9F60339914136E1133D347B544D26D7F09EDE408A85
                                                  Malicious:false
                                                  Preview:.#if _DYNAMIC_XMLSERIALIZER_COMPILATION..[assembly:System.Security.AllowPartiallyTrustedCallers()]..[assembly:System.Security.SecurityTransparent()]..#endif..[assembly:System.Reflection.AssemblyVersionAttribute("9.1.0.993")]..namespace Microsoft.Xml.Serialization.GeneratedAssembly {.... public class XmlSerializationWriterComponentsServiceSoap : System.Xml.Serialization.XmlSerializationWriter {.... public void Write7_GetComponentsInfo(object[] p) {.. WriteStartDocument();.. TopLevelElement();.. int pLength = p.Length;.. WriteStartElement(@"GetComponentsInfo", @"http://tempuri.org/", null, false);.. if (pLength > 0) {.. Write2_ComponentsInfoRequest(@"request", @"http://tempuri.org/", ((global::WebCompanion.UI.NewUpdateService.ComponentsInfoRequest)p[0]), false, false);.. }.. WriteEndElement();.. }.... public void Write8_GetComponentsInfoResponse(object[] p) {..

                                                  C:\Users\user\AppData\Local\Temp\vcbtw7fm.cmdline

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:Unicode text, UTF-8 (with BOM) text, with very long lines (504), with no line terminators
                                                  Category:dropped
                                                  Size (bytes):507
                                                  Entropy (8bit):5.547231890253287
                                                  Encrypted:false
                                                  SSDEEP:6:pAu+HmkLWuoT7Fpw+o3R5TLk2dQvGF20+vnCHhJ23fozxscHc9olm14sQPICHhJm:p3rknoT7z5YfVuOUNv5wrHc9ow16PACA
                                                  MD5:FE80E41BBA7A48F563BDCF7C6E9DF31B
                                                  SHA1:441F0253BDCCC9760F9C621E9076557E337610E2
                                                  SHA-256:B11D5DB9664A0746E2F6D594CE1052258011C1D4D164A69459B9B956284DC45D
                                                  SHA-512:03DD67CEABE1AE109753A78BD45705C46C5DBBD22978AD34515F2492D666D23510A0E42274845E20A828C99DC2CB2E34ADE83794DD32F2521EFE23D4DD854B0F
                                                  Malicious:false
                                                  Preview:./t:library /utf8output /R:"C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll" /R:"C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll" /R:"C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" /R:"C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll" /out:"C:\Users\user\AppData\Local\Temp\vcbtw7fm.dll" /debug- /optimize+ /nostdlib /D:_DYNAMIC_XMLSERIALIZER_COMPILATION "C:\Users\user\AppData\Local\Temp\vcbtw7fm.0.cs"

                                                  C:\Users\user\AppData\Local\Temp\vcbtw7fm.out

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:Unicode text, UTF-8 (with BOM) text, with very long lines (619), with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):1095
                                                  Entropy (8bit):5.541047326611061
                                                  Encrypted:false
                                                  SSDEEP:24:THnzdgn8z2fsO4WW1cAC1Kai3SGzKIMl6I5Dv1rCr1NCEO1DF1:THK8z2fd4b1joKb3xKxl6I5DNi1NXO1b
                                                  MD5:5D63FAD7B6CA1E0C183CF9C054C59E0D
                                                  SHA1:A65178872911CDABE0F9C9D1658C6B7D5A0F406C
                                                  SHA-256:1F08D0CBC541667CB59EBCD86FB20EB7E0F2D4C3E3C893DF6199AA1F58677CBE
                                                  SHA-512:03E2356085FDED98BE9E8EC7EB3629BF45D2ABBFC9788073A2862EC524D06BECFAE689FB02B78AAE4CF80A9B4C0435EEBFA3164BA8833D0149F337EA78E16272
                                                  Malicious:false
                                                  Preview:.C:\Program Files (x86)\Lavasoft\Web Companion\Application> "C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe" /t:library /utf8output /R:"C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll" /R:"C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll" /R:"C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" /R:"C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll" /out:"C:\Users\user\AppData\Local\Temp\vcbtw7fm.dll" /debug- /optimize+ /nostdlib /D:_DYNAMIC_XMLSERIALIZER_COMPILATION "C:\Users\user\AppData\Local\Temp\vcbtw7fm.0.cs"......Microsoft (R) Visual C# 2005 Compiler version 8.00.50727.9149..for Microsoft (R) Windows (R) 2005 Framework version 2.0.50727..Copyright (C) Microsoft Corporation 2001-2005. All rights reserved.....c:\Users\user\AppData\Local\Temp\vcbtw7fm.0.cs(485,78): warning CS0219: The variable 'a_0' is assigned but its value is never used..c:\Users\user\AppData\Local\Temp\vcbtw

                                                  C:\Users\user\AppData\Roaming\Lavasoft\Web Companion\Options\FData.txt

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:JSON data
                                                  Category:dropped
                                                  Size (bytes):211
                                                  Entropy (8bit):4.453996868431016
                                                  Encrypted:false
                                                  SSDEEP:3:N5XWATHfFECJApWFVKIAVHHFNK94Ut2FY7COAHE+XOqXfSnoFPetRA/FsoODIGhN:N5XW4HJOpWFg333UAY7PY/3SYyAE7Tl5
                                                  MD5:00D61F730B56A5BBBFDB0A295416DF40
                                                  SHA1:6B59C6896C65CFBFA552F43D91D7D21FC94FC669
                                                  SHA-256:C84F24AD3D2131BBF1E96AE1EE9D774449A89852BF2DC513E632EA4341DC556A
                                                  SHA-512:26836E65DC59B8BEC6F8AFD30355958FF9603F47F41DF64FD66C0AF0404A9F722DE8FD37C6B838B641E4103299A9A4111963E665EAB689F93555569ACA9861CD
                                                  Malicious:false
                                                  Preview:[.. {.. "Search": "Google",.. "Homepage": "about:home",.. "IsOur": false,.. "SetDate": "07/22/2024",.. "Trigger": "Install",.. "RemoveDate": null,.. "Age": 0,.. "IsCurrent": true.. }..]

                                                  C:\Users\user\AppData\Roaming\Lavasoft\Web Companion\Options\Language.txt

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:JSON data
                                                  Category:dropped
                                                  Size (bytes):20
                                                  Entropy (8bit):3.5219280948873624
                                                  Encrypted:false
                                                  SSDEEP:3:GRFf9ur:GZur
                                                  MD5:3E682EB51BAEE9F27B0775287510AC6E
                                                  SHA1:0C62C14B2D05AF414CDC225DB43B60E79EC7B280
                                                  SHA-256:05A960000C74CA2F31FAC1800E5156E2E4D04A78873F005218AEEB8FBACBBFF6
                                                  SHA-512:885FFE4359BF0FD7793B304312C7C6C3E36E767490D0EE542BE5B41A74E8C4A2567C4929BB0C4BF8021A3F07ED97CF05F3FEAC224B79BD76A0AAC9F3B1BD3A06
                                                  Malicious:false
                                                  Preview:{..."lang" : "en"..}

                                                  C:\Users\user\AppData\Roaming\Lavasoft\Web Companion\bllist.txt

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:ASCII text, with very long lines (65536), with no line terminators
                                                  Category:dropped
                                                  Size (bytes):179251
                                                  Entropy (8bit):4.664971733668804
                                                  Encrypted:false
                                                  SSDEEP:3072:n/KrPEZjF6WXCfTjtAJD1OD28zmiJn9X/EcZRM/xwbjltvE:3F6WXCNiD1qNzmiv/EcKxwbjXvE
                                                  MD5:57BED415678C5FF6F5730E5BF59410D5
                                                  SHA1:775D61103831CD5F8DDBB6F6C316E4B81A2155E7
                                                  SHA-256:6E5BF9D2E0994C7BE183A854A6D4ECA965FB8BB8FAB81F7BF827DD96AFA59B70
                                                  SHA-512:F3529357D1E99ACE27813F25B4B05C268829A58C95DAD432D370395901DE161F12A02FB3B1EBCC7D89D041B08A77BBF6369B20048A189C047C8892D44E69E8BB
                                                  Malicious:true
                                                  Preview:laizhengslt.cn,mytoolz.net,protect247.online,xxlast.com,worldsanalytics.com,skilltransform.co.in,lelaer.com,jpopsingles.eu,risquegalkx.com,svetvyhod.sk,moviecrumbs.net,phrabu.go.th,onlyindianx.cc,ikiss.online,urewsawani.autos,wearyourbeer.com,app-story.net,movie2k.ch,malfadecor.ru,194.163.176.118,litepick.io,pokemonhacking.com,cake026.ru,mlwbd.rent,barsoocm.com,passionatechick2.com,immensely-admired.live,eleme.cn,jippylong12.xyz,ssoap2day.xyz,israel-or-palestinian.com,sexlist.online,maturenextdoor.com,admindfsga2.xyz,901bargrill.com,bjinr08p88ads2020.com,buff163.fi,shreeganeshapackersmovers.com,tyny.to,uhdmovies.wiki,cinemafirst.ru,indesit-ds.ru,dennibulli.com,heimwerkerhelden.com,voshod41.ru,movielite21.site,gorenamentstore.com,akari46.online,drunkardashamethicket.com,justrakhi.com,yourfreetemplates.com,neccgroup.com,maas.vn,javvietsub.bet,thachangcity.go.th,katmoviehd.mov,bluegaslamp.org,draggedline.org,gh5ys3gry5d532.xyz,kaamuu.org,saoma220.xyz,livetv365.me,pisi.pics,value-life.xyz,

                                                  C:\Users\user\AppData\Roaming\Lavasoft\Web Companion\dcilog.txt

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe
                                                  File Type:ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):144
                                                  Entropy (8bit):4.070533310578884
                                                  Encrypted:false
                                                  SSDEEP:3:111liIII++DLCLFMxVLhVIEXjqLBKCK4eURzUQhi8RX:LTrbDLfTLDJEg74vRWUX
                                                  MD5:F29FD172C737DE50EE7DE4AFA6338DAF
                                                  SHA1:1F45B1A04751090773F6D9D99176343534F5E05D
                                                  SHA-256:4CADD9D394E03911A211E7C1F98D7AED1564FBC780AAD2D7BC1B62A3255EE546
                                                  SHA-512:97DDD14086ABD3A4EDAE8AD1CA93F11949C90095CFB3DD9635451490E0033B8BFAEAAA9F3E7EE560EDA737B74C43F5306502BDF7ADE324AD3B1C2C7F394B61AB
                                                  Malicious:false
                                                  Preview:------------- cut here -----------------..starting. version=0.0.0.1..start pending..stop event created..service is running now..thread created..

                                                  C:\Users\user\AppData\Roaming\Lavasoft\Web Companion\pwlist.txt

                                                  Download File
                                                  Process:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  File Type:ASCII text, with very long lines (13004), with no line terminators
                                                  Category:dropped
                                                  Size (bytes):13004
                                                  Entropy (8bit):4.401740253805084
                                                  Encrypted:false
                                                  SSDEEP:384:XJQukf0f+Mi+meZZvYRGtXGZ2bgHdA7BMlJPyr8vYQ0:XOPf05mewRoXi2UHitMlR88vYQ0
                                                  MD5:62822E2CD7ACED854A4C89CA69BF8E2D
                                                  SHA1:76A2E7D2BE817C156E224D9F76DB43F805BF19C2
                                                  SHA-256:C8A50DB494FEC9F82C7ECC8C2716F8F0025ECDF6579ABAD0D3EEA848505BA35D
                                                  SHA-512:D65E0170B83566110ECC7BEBDE103B8AAA31921C234E76E80357B5EC5C7D67DC05DC2563C9F0115333F75701245E96569E9DC48ADAC076ED157030431B8BBA8F
                                                  Malicious:false
                                                  Preview:facebook.com,instagram.com,twitter.com,google.com,wordpress.org,youtube.com,linkedin.com,cloudflare.com,pinterest.com,microsoft.com,apple.com,adaware.com,avanquest.com,webcompanion.com,sodapdf.com,inpixio.com,pdfforge.org,discoverygoom.com,defaultsearch.co,explouniverse.com,segoonow.com,ifindit.co,myfiresearch.com,mysearchengine.co,voilasearch.com,ubersearches.com,questhis.com,toptopresults.com,fastestsearch.co,gogosearch.co,simplesearch.co,godaddy.com,wikipedia.org,miit.gov.cn,goo.gl,oculus.com,qq.com,enable-javascript.com,m.me,fbcdn.net,internet.org,youtu.be,internalfb.com,namecheap.com,messenger.com,whatsapp.com,freebasics.com,workplace.com,fb.gg,c5drei.de,lefrenchmelee.fr,amsgaming.in,adobe.com,wordpress.com,sedo.com,gravatar.com,vk.com,wix.com,vimeo.com,europa.eu,baidu.com,github.com,networksolutions.com,amazon.com,shopify.com,dan.com,bit.ly,blogspot.com,filesusr.com,mozilla.org,statcounter.com,tumblr.com,yandex.ru,wa.me,cpanel.net,cpanel.com,jimdo.com,paypal.com,w3.org,bluehost.c

                                                  C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\security.config.cch (copy)

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:data
                                                  Category:dropped
                                                  Size (bytes):962
                                                  Entropy (8bit):3.3616343419482573
                                                  Encrypted:false
                                                  SSDEEP:24:QgdK8pl5AGcLWb2cLbSJwg+lMl57QHKbGcLWb2cLb:QgdK8pleHWb3bSJ/+lMlCHoHWb3b
                                                  MD5:BA891C25F1B50EA6185F4FF7366B279A
                                                  SHA1:D88AEAD9624A22DB8CA3405AE68BF83B48A4E5A5
                                                  SHA-256:3E6AF49CFA58ECF5B362DEA6EDB7E4C17C1C5AE7A7FBE6CBAFBE2BDD10E75C59
                                                  SHA-512:8DFEDCE8EEA9D487068B453EAA46EF7B26EAB73229DCF37D6DA8C94F7343CEE68F1F4D6E0404B0A0B6E50E39F9C37879D6FCCFC05A58FBF498E44FE7B58A1D00
                                                  Malicious:false
                                                  Preview:..................................?H..........................f.i.l.e.:./././.C.:./.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.)./.L.a.v.a.s.o.f.t./.W.e.b. .C.o.m.p.a.n.i.o.n./.A.p.p.l.i.c.a.t.i.o.n./.W.e.b.C.o.m.p.a.n.i.o.n...e.x.e...C.o.n.f.i.g...........P.o.l.i.c.y.S.t.a.t.e.m.e.n.t....v.e.r.s.i.o.n...1....P.e.r.m.i.s.s.i.o.n.S.e.t....c.l.a.s.s...S.y.s.t.e.m...S.e.c.u.r.i.t.y...P.e.r.m.i.s.s.i.o.n.S.e.t....v.e.r.s.i.o.n...1....U.n.r.e.s.t.r.i.c.t.e.d...t.r.u.e..........................f.i.l.e.:./././.C.:./.U.s.e.r.s./.h.u.b.e.r.t./.A.p.p.D.a.t.a./.L.o.c.a.l./.L.a.v.a.s.o.f.t./.W.e.b.C.o.m.p.a.n.i.o.n...e.x.e._.U.r.l._.s.i.q.0.l.w.f.3.t.z.g.x.p.2.k.h.f.k.l.l.y.b.k.3.i.d.t.b.e.h.n.g./.9...1...0...9.9.3./.u.s.e.r...c.o.n.f.i.g...........P.o.l.i.c.y.S.t.a.t.e.m.e.n.t....v.e.r.s.i.o.n...1....P.e.r.m.i.s.s.i.o.n.S.e.t....c.l.a.s.s...S.y.s.t.e.m...S.e.c.u.r.i.t.y...P.e.r.m.i.s.s.i.o.n.S.e.t....v.e.r.s.i.o.n...1....U.n.r.e.s.t.r.i.c.t.e.d...t.r.u.e............

                                                  C:\Users\user\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\security.config.cch.new

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:data
                                                  Category:dropped
                                                  Size (bytes):962
                                                  Entropy (8bit):3.3616343419482573
                                                  Encrypted:false
                                                  SSDEEP:24:QgdK8pl5AGcLWb2cLbSJwg+lMl57QHKbGcLWb2cLb:QgdK8pleHWb3bSJ/+lMlCHoHWb3b
                                                  MD5:BA891C25F1B50EA6185F4FF7366B279A
                                                  SHA1:D88AEAD9624A22DB8CA3405AE68BF83B48A4E5A5
                                                  SHA-256:3E6AF49CFA58ECF5B362DEA6EDB7E4C17C1C5AE7A7FBE6CBAFBE2BDD10E75C59
                                                  SHA-512:8DFEDCE8EEA9D487068B453EAA46EF7B26EAB73229DCF37D6DA8C94F7343CEE68F1F4D6E0404B0A0B6E50E39F9C37879D6FCCFC05A58FBF498E44FE7B58A1D00
                                                  Malicious:false
                                                  Preview:..................................?H..........................f.i.l.e.:./././.C.:./.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.)./.L.a.v.a.s.o.f.t./.W.e.b. .C.o.m.p.a.n.i.o.n./.A.p.p.l.i.c.a.t.i.o.n./.W.e.b.C.o.m.p.a.n.i.o.n...e.x.e...C.o.n.f.i.g...........P.o.l.i.c.y.S.t.a.t.e.m.e.n.t....v.e.r.s.i.o.n...1....P.e.r.m.i.s.s.i.o.n.S.e.t....c.l.a.s.s...S.y.s.t.e.m...S.e.c.u.r.i.t.y...P.e.r.m.i.s.s.i.o.n.S.e.t....v.e.r.s.i.o.n...1....U.n.r.e.s.t.r.i.c.t.e.d...t.r.u.e..........................f.i.l.e.:./././.C.:./.U.s.e.r.s./.h.u.b.e.r.t./.A.p.p.D.a.t.a./.L.o.c.a.l./.L.a.v.a.s.o.f.t./.W.e.b.C.o.m.p.a.n.i.o.n...e.x.e._.U.r.l._.s.i.q.0.l.w.f.3.t.z.g.x.p.2.k.h.f.k.l.l.y.b.k.3.i.d.t.b.e.h.n.g./.9...1...0...9.9.3./.u.s.e.r...c.o.n.f.i.g...........P.o.l.i.c.y.S.t.a.t.e.m.e.n.t....v.e.r.s.i.o.n...1....P.e.r.m.i.s.s.i.o.n.S.e.t....c.l.a.s.s...S.y.s.t.e.m...S.e.c.u.r.i.t.y...P.e.r.m.i.s.s.i.o.n.S.e.t....v.e.r.s.i.o.n...1....U.n.r.e.s.t.r.i.c.t.e.d...t.r.u.e............

                                                  C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\24a4ohrz.default-release\prefs.js

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:ASCII text, with very long lines (1765)
                                                  Category:dropped
                                                  Size (bytes):11452
                                                  Entropy (8bit):5.415071391196551
                                                  Encrypted:false
                                                  SSDEEP:192:kz4nnutk4Khepyd4mUXaXfNNRvNWPIDgKp8sL97SLaXhD+ueMXofEPS2Cf:kztLvmUc9nHpDJW
                                                  MD5:4528B28C762254842B55DDA91352CB8D
                                                  SHA1:4F44AC91C2CA435FF5FB5466EE336C4DB51C6C69
                                                  SHA-256:F740C006C8F43915F1201964E105B83983BD9B9DD08C98DECEEB321831D87F5B
                                                  SHA-512:966C54995994F84D94D3BF1A3903D9965044E1FE4AE2CA7E3B742FE519CE2F2647189AE3BB8B561D847CAF908CDD45F1AE88667E6386089C09D9DA0B0AB406EC
                                                  Malicious:true
                                                  Preview:// Mozilla User Preferences..// DO NOT EDIT THIS FILE..//.// If you make changes to this file while the application is running,.// the changes will be overwritten when the application exits..//.// To change a preference value, you can either:.// - modify it via the UI (e.g. via about:config in the browser); or.// - set it within a user.js file in your profile...user_pref("app.normandy.first_run", false);.user_pref("app.normandy.migrationsApplied", 12);.user_pref("app.normandy.user_id", "38829aa4-f57e-4fd8-bfd3-d094d57ae30f");.user_pref("app.update.auto.migrated", true);.user_pref("app.update.background.rolledout", true);.user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 0);.user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 1696493966);.user_pref("app.update.lastUpdateTime.region-update-timer", 0);.user_pref("app.update.lastUpdateTime.rs-experiment-loader-timer", 1696493970);.user_pref("app.update.lastUpdateTime.xpi-signature-verification", 0);.user_pref("ap

                                                  C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch.new

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:data
                                                  Category:dropped
                                                  Size (bytes):962
                                                  Entropy (8bit):3.3616343419482573
                                                  Encrypted:false
                                                  SSDEEP:24:QgdK8pl5AGcLWb2cLbSJwg+lMl57QHKbGcLWb2cLb:QgdK8pleHWb3bSJ/+lMlCHoHWb3b
                                                  MD5:BA891C25F1B50EA6185F4FF7366B279A
                                                  SHA1:D88AEAD9624A22DB8CA3405AE68BF83B48A4E5A5
                                                  SHA-256:3E6AF49CFA58ECF5B362DEA6EDB7E4C17C1C5AE7A7FBE6CBAFBE2BDD10E75C59
                                                  SHA-512:8DFEDCE8EEA9D487068B453EAA46EF7B26EAB73229DCF37D6DA8C94F7343CEE68F1F4D6E0404B0A0B6E50E39F9C37879D6FCCFC05A58FBF498E44FE7B58A1D00
                                                  Malicious:false
                                                  Preview:..................................?H..........................f.i.l.e.:./././.C.:./.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.)./.L.a.v.a.s.o.f.t./.W.e.b. .C.o.m.p.a.n.i.o.n./.A.p.p.l.i.c.a.t.i.o.n./.W.e.b.C.o.m.p.a.n.i.o.n...e.x.e...C.o.n.f.i.g...........P.o.l.i.c.y.S.t.a.t.e.m.e.n.t....v.e.r.s.i.o.n...1....P.e.r.m.i.s.s.i.o.n.S.e.t....c.l.a.s.s...S.y.s.t.e.m...S.e.c.u.r.i.t.y...P.e.r.m.i.s.s.i.o.n.S.e.t....v.e.r.s.i.o.n...1....U.n.r.e.s.t.r.i.c.t.e.d...t.r.u.e..........................f.i.l.e.:./././.C.:./.U.s.e.r.s./.h.u.b.e.r.t./.A.p.p.D.a.t.a./.L.o.c.a.l./.L.a.v.a.s.o.f.t./.W.e.b.C.o.m.p.a.n.i.o.n...e.x.e._.U.r.l._.s.i.q.0.l.w.f.3.t.z.g.x.p.2.k.h.f.k.l.l.y.b.k.3.i.d.t.b.e.h.n.g./.9...1...0...9.9.3./.u.s.e.r...c.o.n.f.i.g...........P.o.l.i.c.y.S.t.a.t.e.m.e.n.t....v.e.r.s.i.o.n...1....P.e.r.m.i.s.s.i.o.n.S.e.t....c.l.a.s.s...S.y.s.t.e.m...S.e.c.u.r.i.t.y...P.e.r.m.i.s.s.i.o.n.S.e.t....v.e.r.s.i.o.n...1....U.n.r.e.s.t.r.i.c.t.e.d...t.r.u.e............

                                                  C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch.new

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:data
                                                  Category:dropped
                                                  Size (bytes):962
                                                  Entropy (8bit):3.3616343419482573
                                                  Encrypted:false
                                                  SSDEEP:24:QgdK8pl5AGcLWb2cLbSJwg+lMl57QHKbGcLWb2cLb:QgdK8pleHWb3bSJ/+lMlCHoHWb3b
                                                  MD5:BA891C25F1B50EA6185F4FF7366B279A
                                                  SHA1:D88AEAD9624A22DB8CA3405AE68BF83B48A4E5A5
                                                  SHA-256:3E6AF49CFA58ECF5B362DEA6EDB7E4C17C1C5AE7A7FBE6CBAFBE2BDD10E75C59
                                                  SHA-512:8DFEDCE8EEA9D487068B453EAA46EF7B26EAB73229DCF37D6DA8C94F7343CEE68F1F4D6E0404B0A0B6E50E39F9C37879D6FCCFC05A58FBF498E44FE7B58A1D00
                                                  Malicious:false
                                                  Preview:..................................?H..........................f.i.l.e.:./././.C.:./.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.)./.L.a.v.a.s.o.f.t./.W.e.b. .C.o.m.p.a.n.i.o.n./.A.p.p.l.i.c.a.t.i.o.n./.W.e.b.C.o.m.p.a.n.i.o.n...e.x.e...C.o.n.f.i.g...........P.o.l.i.c.y.S.t.a.t.e.m.e.n.t....v.e.r.s.i.o.n...1....P.e.r.m.i.s.s.i.o.n.S.e.t....c.l.a.s.s...S.y.s.t.e.m...S.e.c.u.r.i.t.y...P.e.r.m.i.s.s.i.o.n.S.e.t....v.e.r.s.i.o.n...1....U.n.r.e.s.t.r.i.c.t.e.d...t.r.u.e..........................f.i.l.e.:./././.C.:./.U.s.e.r.s./.h.u.b.e.r.t./.A.p.p.D.a.t.a./.L.o.c.a.l./.L.a.v.a.s.o.f.t./.W.e.b.C.o.m.p.a.n.i.o.n...e.x.e._.U.r.l._.s.i.q.0.l.w.f.3.t.z.g.x.p.2.k.h.f.k.l.l.y.b.k.3.i.d.t.b.e.h.n.g./.9...1...0...9.9.3./.u.s.e.r...c.o.n.f.i.g...........P.o.l.i.c.y.S.t.a.t.e.m.e.n.t....v.e.r.s.i.o.n...1....P.e.r.m.i.s.s.i.o.n.S.e.t....c.l.a.s.s...S.y.s.t.e.m...S.e.c.u.r.i.t.y...P.e.r.m.i.s.s.i.o.n.S.e.t....v.e.r.s.i.o.n...1....U.n.r.e.s.t.r.i.c.t.e.d...t.r.u.e............

                                                  C:\Windows\Microsoft.NET\Framework\v2.0.50727\config\enterprisesec.config.cch (copy)

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:data
                                                  Category:dropped
                                                  Size (bytes):962
                                                  Entropy (8bit):3.3616343419482573
                                                  Encrypted:false
                                                  SSDEEP:24:QgdK8pl5AGcLWb2cLbSJwg+lMl57QHKbGcLWb2cLb:QgdK8pleHWb3bSJ/+lMlCHoHWb3b
                                                  MD5:BA891C25F1B50EA6185F4FF7366B279A
                                                  SHA1:D88AEAD9624A22DB8CA3405AE68BF83B48A4E5A5
                                                  SHA-256:3E6AF49CFA58ECF5B362DEA6EDB7E4C17C1C5AE7A7FBE6CBAFBE2BDD10E75C59
                                                  SHA-512:8DFEDCE8EEA9D487068B453EAA46EF7B26EAB73229DCF37D6DA8C94F7343CEE68F1F4D6E0404B0A0B6E50E39F9C37879D6FCCFC05A58FBF498E44FE7B58A1D00
                                                  Malicious:false
                                                  Preview:..................................?H..........................f.i.l.e.:./././.C.:./.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.)./.L.a.v.a.s.o.f.t./.W.e.b. .C.o.m.p.a.n.i.o.n./.A.p.p.l.i.c.a.t.i.o.n./.W.e.b.C.o.m.p.a.n.i.o.n...e.x.e...C.o.n.f.i.g...........P.o.l.i.c.y.S.t.a.t.e.m.e.n.t....v.e.r.s.i.o.n...1....P.e.r.m.i.s.s.i.o.n.S.e.t....c.l.a.s.s...S.y.s.t.e.m...S.e.c.u.r.i.t.y...P.e.r.m.i.s.s.i.o.n.S.e.t....v.e.r.s.i.o.n...1....U.n.r.e.s.t.r.i.c.t.e.d...t.r.u.e..........................f.i.l.e.:./././.C.:./.U.s.e.r.s./.h.u.b.e.r.t./.A.p.p.D.a.t.a./.L.o.c.a.l./.L.a.v.a.s.o.f.t./.W.e.b.C.o.m.p.a.n.i.o.n...e.x.e._.U.r.l._.s.i.q.0.l.w.f.3.t.z.g.x.p.2.k.h.f.k.l.l.y.b.k.3.i.d.t.b.e.h.n.g./.9...1...0...9.9.3./.u.s.e.r...c.o.n.f.i.g...........P.o.l.i.c.y.S.t.a.t.e.m.e.n.t....v.e.r.s.i.o.n...1....P.e.r.m.i.s.s.i.o.n.S.e.t....c.l.a.s.s...S.y.s.t.e.m...S.e.c.u.r.i.t.y...P.e.r.m.i.s.s.i.o.n.S.e.t....v.e.r.s.i.o.n...1....U.n.r.e.s.t.r.i.c.t.e.d...t.r.u.e............

                                                  C:\Windows\Microsoft.NET\Framework\v2.0.50727\config\security.config.cch (copy)

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:data
                                                  Category:dropped
                                                  Size (bytes):962
                                                  Entropy (8bit):3.3616343419482573
                                                  Encrypted:false
                                                  SSDEEP:24:QgdK8pl5AGcLWb2cLbSJwg+lMl57QHKbGcLWb2cLb:QgdK8pleHWb3bSJ/+lMlCHoHWb3b
                                                  MD5:BA891C25F1B50EA6185F4FF7366B279A
                                                  SHA1:D88AEAD9624A22DB8CA3405AE68BF83B48A4E5A5
                                                  SHA-256:3E6AF49CFA58ECF5B362DEA6EDB7E4C17C1C5AE7A7FBE6CBAFBE2BDD10E75C59
                                                  SHA-512:8DFEDCE8EEA9D487068B453EAA46EF7B26EAB73229DCF37D6DA8C94F7343CEE68F1F4D6E0404B0A0B6E50E39F9C37879D6FCCFC05A58FBF498E44FE7B58A1D00
                                                  Malicious:false
                                                  Preview:..................................?H..........................f.i.l.e.:./././.C.:./.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.)./.L.a.v.a.s.o.f.t./.W.e.b. .C.o.m.p.a.n.i.o.n./.A.p.p.l.i.c.a.t.i.o.n./.W.e.b.C.o.m.p.a.n.i.o.n...e.x.e...C.o.n.f.i.g...........P.o.l.i.c.y.S.t.a.t.e.m.e.n.t....v.e.r.s.i.o.n...1....P.e.r.m.i.s.s.i.o.n.S.e.t....c.l.a.s.s...S.y.s.t.e.m...S.e.c.u.r.i.t.y...P.e.r.m.i.s.s.i.o.n.S.e.t....v.e.r.s.i.o.n...1....U.n.r.e.s.t.r.i.c.t.e.d...t.r.u.e..........................f.i.l.e.:./././.C.:./.U.s.e.r.s./.h.u.b.e.r.t./.A.p.p.D.a.t.a./.L.o.c.a.l./.L.a.v.a.s.o.f.t./.W.e.b.C.o.m.p.a.n.i.o.n...e.x.e._.U.r.l._.s.i.q.0.l.w.f.3.t.z.g.x.p.2.k.h.f.k.l.l.y.b.k.3.i.d.t.b.e.h.n.g./.9...1...0...9.9.3./.u.s.e.r...c.o.n.f.i.g...........P.o.l.i.c.y.S.t.a.t.e.m.e.n.t....v.e.r.s.i.o.n...1....P.e.r.m.i.s.s.i.o.n.S.e.t....c.l.a.s.s...S.y.s.t.e.m...S.e.c.u.r.i.t.y...P.e.r.m.i.s.s.i.o.n.S.e.t....v.e.r.s.i.o.n...1....U.n.r.e.s.t.r.i.c.t.e.d...t.r.u.e............

                                                  C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\026A86A161D256DBB33076EDF20C0E5E_86AB612B21DEDF3B8CD155ED2E4114FF

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
                                                  File Type:data
                                                  Category:dropped
                                                  Size (bytes):812
                                                  Entropy (8bit):7.47604375171871
                                                  Encrypted:false
                                                  SSDEEP:24:5FtKGBz4jRsYPkJrY4zFS02It7S0p+vT5:/tKzRBPktxn2I1SOU
                                                  MD5:C930736F83FB0CD4C01787BB61D2A04B
                                                  SHA1:D27C3FF1A3AA66E33FEC1CE6FA4F67F58946637C
                                                  SHA-256:643EDA261DB1C399EB61F8B90246037604AB319118EE648D06BE862BE2677859
                                                  SHA-512:12C640E68D15BF49924454FA147876D41500AABBBC4AB02F975B8F521C637AD2212C07263D9048F7D38BAE3468865A485015F09921293A424AA9902208FA7ABF
                                                  Malicious:false
                                                  Preview:0..(......!0.....+.....0......0...0..k0i1.0...U....US1.0...U....Entrust, Inc.1B0@..U...9Entrust Code Signing Root Certification Authority - CSBR1..20240626144300Z0s0q0I0...+........k..E<L.L.j.Q..9@XZ......=...q.7....i5W...5..{.4.j...F.15+....20240626140000Z....20250626135959Z0...*.H...............t..uF.I7..<.a..iC...eC....%..#...$XW.W...B.7.w..2.....MT4UU..$..^g..(.E.....x...o.0......l.L...6....3.pU.......].-/.~...7..%.>~.kJ....-Us.t........K|.W..0o.j.K.P.:.....?+4...4{/.72Nk...>.)....T6.\...k.V...ry....i5.6dE..J.-'.:G.A.:....4V....>...x..#..xu.._...>.....}.D@..Rk..1.0.....2.=.."r........,.5.i....s......U..m..6K.x...B.....b.........L5U..4oH.......p...^..U.a..3iLA...s>aL..3. %tQ..+T.F.wR... .A..m.>..4.].5.L"Zu(.m.1..8.......$0.s.P...yo.i..`o`..\....HG.h(e).P..fZ.o6

                                                  C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A37B8BA80004D3266CB4D93B2052DC10_EBDB5A7037F08CDFB408DBFC0D44B43D

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
                                                  File Type:data
                                                  Category:dropped
                                                  Size (bytes):1580
                                                  Entropy (8bit):7.468877161931592
                                                  Encrypted:false
                                                  SSDEEP:24:DjCwVnjCEnfSICjSHu7lvOuTuylcU8hsf52QnjCEB7/Iajl6E0YDRW/KrtFgEj0:CAnj6uHu7ZOuRlcU8hsFnjx/bP7tS5
                                                  MD5:1C8B5AD615068F2434E1706EB3F2897B
                                                  SHA1:0F72E1A2FE2487E26979C28629FE5001DFDB0A35
                                                  SHA-256:F1796499AB5E1C22460C608C6E2DCFA3F0DE654D4B1EFE4D868880A74FCAB180
                                                  SHA-512:A08B10F5A6BD5BA7C62ED31EA8048603C4FB07DC95762BEB65E4CB775A87D808A9C36937639EC60F8E8A4F113AC0DEDE9973AAD3DBB52D8D96A5372C7736C1BD
                                                  Malicious:false
                                                  Preview:0..(......!0.....+.....0......0...0..H0F1.0...U....US1.0...U....Entrust1%0#..U....Entrust Validation Authority..20240721232200Z0s0q0I0...+.........\...a......A[B'...jr&z...}.;iQ.l....f...N@.7T......Q......20240721230000Z....20240728225959Z0...*.H.............X..W...&-\..P..7?...`.P.6..s..-.a7.*)V[..(.;N......].lb........4..BZ...#......!....G..[U..|!...C....dl"...Rw.'+.2p3.#...j..MK.....:...S.Z.P4.R.}....{...I..(.[h>.EE...6....9K.xd...{.+.`..d.|.}..M..?m.;.f....y.EN..^..'......-){:r..&K...<^aj....0...0...0...........;.h....,..N..0...*.H........0..1.0...U....US1.0...U....Entrust, Inc.1(0&..U....See www.entrust.net/legal-terms1907..U...0(c) 2009 Entrust, Inc. - for authorized use only1200..U...)Entrust Root Certification Authority - G20...240626145745Z..250626145744Z0F1.0...U....US1.0...U....Entrust1%0#..U....Entrust Validation Authority0.."0...*.H.............0..............3x.F.'.B..$..-..P@.M....]e..4.B.K..6..p.dk#m'.I.0}X.|...'...8.h..=.....;......<-...n....

                                                  C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\AF360AACB1570042DEFBC833317997D0_684EE07DA693FF51901FCCD35B88A7C0

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
                                                  File Type:data
                                                  Category:dropped
                                                  Size (bytes):806
                                                  Entropy (8bit):7.535894266951264
                                                  Encrypted:false
                                                  SSDEEP:24:UpwUZImCamv8OR/WTqX5ve4zPNlkYyJMUCN63:7UZTCF/ZleCN+YgMUCA3
                                                  MD5:521BE6FC1141C170A0583713CA76158A
                                                  SHA1:FBA1C45078A7FE19BA25FC156CABC4E6EF5E350D
                                                  SHA-256:C30DCE2EB8AADF6ECFE15F7641D0784024B1EB4C460DC4C5CDD147FF0D179C1C
                                                  SHA-512:BA1CE054E99DF7B70175B88B8BB67A43844EEAA944C48565D17DC42CED2186E2128CFCA5DEDD3B4CE9D0952857581425F7FCF7BC2B3017E62EE728479B5AB78C
                                                  Malicious:false
                                                  Preview:0..".......0.....+.....0......0...0..e0c1.0...U....US1.0...U....Entrust, Inc.1<0:..U...3Entrust Extended Validation Code Signing CA - EVCS2..20240722073400Z0s0q0I0...+........i.d.)...r ..'d{....*...O.Q....b.1#a.a...x..t.J4.e)'~..9*.....20240722070000Z....20240729065959Z0...*.H.....................A...Y.U7.7....Z.u.w.{l.(.=!w..G)..[.#....'.T.F..B...5 {.~.}_....wL.+q..N.4.I...v.....a....{..?...........R...re...|...-.j.Z(..Z'..4$G....`.k.z.U.Ar.OI".X..k.......`s...$..../:kJ.n%......8B...O .....rc..-. D ..........}..kd....#.u...J..j..mT..o.A..x..Muz./.5....@..9]3...P......!....'}"W...I...v.. .-.....Hd.NFDc...<.......~)...........u.~..............v..... ..C....&..i....YG.....|.H....i.y.;..L..Z .U..I.\m.......XS....7......._..H..Fv.9..k\LFc.7.~..<.i....c'}...$..k!.V...X...%

                                                  C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\026A86A161D256DBB33076EDF20C0E5E_86AB612B21DEDF3B8CD155ED2E4114FF

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
                                                  File Type:data
                                                  Category:dropped
                                                  Size (bytes):540
                                                  Entropy (8bit):3.9376992089325387
                                                  Encrypted:false
                                                  SSDEEP:12:ec/B7PHXiv8sFz06VKMaG7uUyHuYlFDoR/cS6gEZ:dBjHYvZvdEIUaO
                                                  MD5:E68FDFDD0CADF1F46252968CFC4261FD
                                                  SHA1:9C1F91F0A419EF1A86D2E82DC9F9BFF8A2B28254
                                                  SHA-256:5D0EFCECBC1B4F6C4D6553D67FD9DEE43C5425E3CCC92D7C9547F1CB8F4896AB
                                                  SHA-512:6FA0BF85EC7E2022777F897E6418C71934B666331228E70AA9421F3376976C07E90040606C3EA59BFDF95F7D53D21C44D0B241497DF21EDDF268BF41C97F9A8F
                                                  Malicious:false
                                                  Preview:p...... ....".....O(%...(................0e".....Y.......................Y...... ........0e"....................,...h.t.t.p.:././.o.c.s.p...e.n.t.r.u.s.t...n.e.t./.M.F.E.w.T.z.B.N.M.E.s.w.S.T.A.J.B.g.U.r.D.g.M.C.G.g.U.A.B.B.R.r.2.b.w.A.R.T.x.M.t.E.y.9.a.s.p.R.A.Z.g.5.Q.F.h.a.g.Q.Q.U.g.r.r.W.P.Z.f.O.n.8.9.x.6.J.I.3.r.%.2.F.2.z.t.W.k.1.V.8.8.C.E.D.W.v.t.3.u.d.N.B.9.q.%.2.F.I.%.2.B.E.R.q.s.x.N.S.s.%.3.D...".6.4.3.E.D.A.2.6.1.D.B.1.C.3.9.9.E.B.6.1.F.8.B.9.0.2.4.6.0.3.7.6.0.4.A.B.3.1.9.1.1.8.E.E.6.4.8.D.0.6.B.E.8.6.2.B.E.2.6.7.7.8.5.9."...

                                                  C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A37B8BA80004D3266CB4D93B2052DC10_EBDB5A7037F08CDFB408DBFC0D44B43D

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
                                                  File Type:data
                                                  Category:dropped
                                                  Size (bytes):528
                                                  Entropy (8bit):3.9418694497832463
                                                  Encrypted:false
                                                  SSDEEP:12:0vpnAHXiv8sFLTr38VQlkNbfH51y3wxT5uzAxq:wpAHYvNrgbBvV5uzAI
                                                  MD5:18C29829F5D8D0DA571439C72AD9451F
                                                  SHA1:95A907E09CF4A7C0A121A1CE7CDED171BCD63B56
                                                  SHA-256:4D549501CA9F4163D84564F12B0A5EE10CE43F06928CD4E39C0B86484B8DE7EA
                                                  SHA-512:CCFD3EB6048D6B866130E644195C07075657C0A415FA35F938EB9D7B11531B9984A918B81381A040BB1EDC8FD110DFA31855F962117D50B8F8FB7F1D116757EC
                                                  Malicious:false
                                                  Preview:p...... ........T>+(%...(........................A..A....................A..A... ...............!...............,...h.t.t.p.:././.o.c.s.p...e.n.t.r.u.s.t...n.e.t./.M.F.E.w.T.z.B.N.M.E.s.w.S.T.A.J.B.g.U.r.D.g.M.C.G.g.U.A.B.B.T.L.X.N.C.z.D.v.B.h.H.e.c.W.j.g.7.0.i.J.h.B.W.0.I.n.y.w.Q.U.a.n.I.m.e.t.A.e.7.3.3.n.O.2.l.R.1.G.y.N.n.5.A.S.Z.q.s.C.E.E.5.A.5.D.d.U.7.e.a.M.A.A.A.A.A.F.H.T.l.H.8.%.3.D...".F.1.7.9.6.4.9.9.A.B.5.E.1.C.2.2.4.6.0.C.6.0.8.C.6.E.2.D.C.F.A.3.F.0.D.E.6.5.4.D.4.B.1.E.F.E.4.D.8.6.8.8.8.0.A.7.4.F.C.A.B.1.8.0."...

                                                  C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\AF360AACB1570042DEFBC833317997D0_684EE07DA693FF51901FCCD35B88A7C0

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
                                                  File Type:data
                                                  Category:dropped
                                                  Size (bytes):540
                                                  Entropy (8bit):3.973219084146382
                                                  Encrypted:false
                                                  SSDEEP:12:P5/nYZHXiv8sFkOmTP4ws/WyX2iZ2iy5MVJzQlv:hfYZHYvuOmT2WLiZ28VJslv
                                                  MD5:B99BB12C3EB86E70922FCE8109F336CD
                                                  SHA1:F7952D797D47509E14A210836CEFF149E08873D0
                                                  SHA-256:959B8A164252A94F104F7DE6E6F6AE874FEAEC71CE6A3D145647FB8E1AE88C03
                                                  SHA-512:E6E9A475674384864632BC557CA3F3470FC0F862551DBA89EFF68224A3842A175C29205B913D00752772E1EEDBE0808544DBF63486FF9369FABA8D226CF6F555
                                                  Malicious:false
                                                  Preview:p...... ...."...Y.r(%...(..................................................... ...............}...............&...h.t.t.p.:././.o.c.s.p...e.n.t.r.u.s.t...n.e.t./.M.F.E.w.T.z.B.N.M.E.s.w.S.T.A.J.B.g.U.r.D.g.M.C.G.g.U.A.B.B.R.p.%.2.B.m.Q.D.K.a.u.E.4.n.I.g.%.2.F.g.k.n.Z.H.u.B.l.L.k.f.K.g.Q.U.z.o.l.P.g.l.G.q.F.a.K.E.Y.s.o.x.I.2.H.S.Y.f.v.4.%.2.F.n.g.C.E.H.T.v.S.j.T.p.o.G.U.p.J.3.7.O.B.z.k.q.8.u.U.%.3.D...".C.3.0.D.C.E.2.E.B.8.A.A.D.F.6.E.C.F.E.1.5.F.7.6.4.1.D.0.7.8.4.0.2.4.B.1.E.B.4.C.4.6.0.D.C.4.C.5.C.D.D.1.4.7.F.F.0.D.1.7.9.C.1.C."...

                                                  C:\Windows\System32\drivers\SET9770.tmp

                                                  Download File
                                                  Process:C:\Windows\System32\rundll32.exe
                                                  File Type:PE32+ executable (native) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):800672
                                                  Entropy (8bit):6.427490885202283
                                                  Encrypted:false
                                                  SSDEEP:24576:TW3je01Io/rAYd/cg3NuRoB4Qn5ZTQuzfSuKRDSqLP6z5BLM5:a3jp1Io/rn/cgduRoB4Q5ZTQuzfShDSs
                                                  MD5:2A241AF18D9F0466AFF6CD77C1561F9B
                                                  SHA1:2C6BFC8E583ED026FDF9EC01265D99E22D39305A
                                                  SHA-256:528804013487CDB1DA617E512D1DE68060602887BCC8A7822BDB1346A2995FFD
                                                  SHA-512:6779667BB57C87FDBF4DEE57682E7851B5AD5BEA39DEB09FCB596AE48EB571317749FF59E825F91BD57527DAB7477DEAC5B24BDBD86471844FAD36876C08DD28
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........."?.Ll.Ll.Ll..Jm.Ll...l.Ll...l.Ll..Mm.Ll.Mlq.Ll..Om.Ll..Hm.Ll;.Im..Ll;.l.Ll;.Nm.LlRich.Ll................PE..d...#$&a.........."..........:......p..........@.............................p.............A....................................................d....P..`........i.......!...`.......D..T...........................0E..................h............................text............................... ..`PAGE....6".......$.................. ..`.rdata..............................@..@.data... ...........................@....pdata...i.......j..................@..@INIT....b....@...................... ..b.rsrc...`....P......................@..B.reloc.......`......................@..B........................................................................................................................................................................

                                                  C:\Windows\appcompat\Programs\Amcache.hve

                                                  Download File
                                                  Process:C:\Windows\SysWOW64\WerFault.exe
                                                  File Type:MS Windows registry file, NT/2000 or above
                                                  Category:dropped
                                                  Size (bytes):1835008
                                                  Entropy (8bit):4.372614263269754
                                                  Encrypted:false
                                                  SSDEEP:6144:fFVfpi6ceLP/9skLmb0NyWWSPtaJG8nAge35OlMMhA2AX4WABlguNUiL:NV1TyWWI/glMM6kF7Gq
                                                  MD5:FEB2BF847D0A71861D6F183A13C2A4A0
                                                  SHA1:154CCAB0445A590F8DE8EA452D6C0E8F0A150196
                                                  SHA-256:2744749399EAB4F4557670BE5A63BDA3860347F34793E028C96EC6B28DFFB446
                                                  SHA-512:CDC876EB2A5AA347BC40323B99BC8526AA8A0B5BFDA297A923803D5AE902A4C091453D2C8C39AF6FE574E64213E62FBBC9C8B279D310B16C4D814987F1F0BCAE
                                                  Malicious:false
                                                  Preview:regfE...E....\.Z.................... ....0......\.A.p.p.C.o.m.p.a.t.\.P.r.o.g.r.a.m.s.\.A.m.c.a.c.h.e...h.v.e....c...b...#.......c...b...#...........c...b...#......rmtm.~$.$.................................................................................................................................................................................................................................................................................................................................................2.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                  C:\Windows\assembly\Desktop.ini

                                                  Download File
                                                  Process:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  File Type:Windows desktop.ini
                                                  Category:dropped
                                                  Size (bytes):227
                                                  Entropy (8bit):5.2735028737400205
                                                  Encrypted:false
                                                  SSDEEP:6:a1eZBXVNYTF0NwoScUbtSgyAXIWv7v5PMKq:UeZBFNYTswUq1r5zq
                                                  MD5:F7F759A5CD40BC52172E83486B6DE404
                                                  SHA1:D74930F354A56CFD03DC91AA96D8AE9657B1EE54
                                                  SHA-256:A709C2551B8818D7849D31A65446DC2F8C4CCA2DCBBC5385604286F49CFDAF1C
                                                  SHA-512:A50B7826BFE72506019E4B1148A214C71C6F4743C09E809EF15CD0E0223F3078B683D203200910B07B5E1E34B94F0FE516AC53527311E2943654BFCEADE53298
                                                  Malicious:false
                                                  Preview:; ==++==..; ..; Copyright (c) Microsoft Corporation. All rights reserved...; ..; ==--==..[.ShellClassInfo]..CLSID={1D2680C9-0E2A-469d-B787-065558BC7D43}..ConfirmFileOp=1..InfoTip=Contains application stability information...

                                                  C:\Windows\system32\DRIVERS\bddci.sys (copy)

                                                  Download File
                                                  Process:C:\Windows\System32\rundll32.exe
                                                  File Type:PE32+ executable (native) x86-64, for MS Windows
                                                  Category:dropped
                                                  Size (bytes):800672
                                                  Entropy (8bit):6.427490885202283
                                                  Encrypted:false
                                                  SSDEEP:24576:TW3je01Io/rAYd/cg3NuRoB4Qn5ZTQuzfSuKRDSqLP6z5BLM5:a3jp1Io/rn/cgduRoB4Q5ZTQuzfShDSs
                                                  MD5:2A241AF18D9F0466AFF6CD77C1561F9B
                                                  SHA1:2C6BFC8E583ED026FDF9EC01265D99E22D39305A
                                                  SHA-256:528804013487CDB1DA617E512D1DE68060602887BCC8A7822BDB1346A2995FFD
                                                  SHA-512:6779667BB57C87FDBF4DEE57682E7851B5AD5BEA39DEB09FCB596AE48EB571317749FF59E825F91BD57527DAB7477DEAC5B24BDBD86471844FAD36876C08DD28
                                                  Malicious:true
                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........."?.Ll.Ll.Ll..Jm.Ll...l.Ll...l.Ll..Mm.Ll.Mlq.Ll..Om.Ll..Hm.Ll;.Im..Ll;.l.Ll;.Nm.LlRich.Ll................PE..d...#$&a.........."..........:......p..........@.............................p.............A....................................................d....P..`........i.......!...`.......D..T...........................0E..................h............................text............................... ..`PAGE....6".......$.................. ..`.rdata..............................@..@.data... ...........................@....pdata...i.......j..................@..@INIT....b....@...................... ..b.rsrc...`....P......................@..B.reloc.......`......................@..B........................................................................................................................................................................

                                                  \Device\ConDrv

                                                  Download File
                                                  Process:C:\Windows\System32\netsh.exe
                                                  File Type:ASCII text, with CRLF line terminators
                                                  Category:dropped
                                                  Size (bytes):99
                                                  Entropy (8bit):4.325646299814427
                                                  Encrypted:false
                                                  SSDEEP:3:j7DsRKMSSKdidXHvMOF/d459FgXAEBQWpwa:jTdsHU8G592QdWea
                                                  MD5:488F6C94D5E6F3515F1380447E912B18
                                                  SHA1:98AC04AAC92510BACDA68078FE85E6D0FAFAA9B3
                                                  SHA-256:D533F870C250189D9F6A5F8BE86CAEF46C3C7CF3E0197ED9FE4C6E5418D0BE8C
                                                  SHA-512:09B968112E9D8EF4E0E7D1F57D6D55A147CA9542BCADC8BD75E84EF35E5498D47C55ECA0DB5D40AA01E382E662C5E76889924EBFCA5D8CC52B13F5360F452924
                                                  Malicious:false
                                                  Preview:..Url reservation add failed, Error: 183..Cannot create a file when that file already exists.......

                                                  Static File Info

                                                  General

                                                  File type:PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
                                                  Entropy (8bit):7.999661029957062
                                                  TrID:
                                                  • Win32 Executable (generic) a (10002005/4) 99.96%
                                                  • Generic Win/DOS Executable (2004/3) 0.02%
                                                  • DOS Executable Generic (2002/1) 0.02%
                                                  • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                  File name:FileZilla_3.67.1_win64_sponsored-setup.exe
                                                  File size:12'417'936 bytes
                                                  MD5:ac97e64c3e2e865c50155dfdffe5428a
                                                  SHA1:d473e2d49e908e6d1abfa614c55bdae485508153
                                                  SHA256:6113a3f7c9469fcd9b53ea3ecb16bbefb71318af2864ae0a74a8fb633a05f24a
                                                  SHA512:fd43745695ad835e06bad9341b1a1149996a67ee3e15bacf29ac537ddd5857e7551331acfe4fd40679f892da8012d79cd4ce446854503e77086cd4b7893fa6f9
                                                  SSDEEP:196608:L/+plSWtW9Ee+owH4x1FqZ4OpcTKIgBe/cOkeoNF/xQXS8+waJDPRdF+yF:L/elbwx+PE1ocTKI4eklNkXS8xaN5d3
                                                  TLSH:59C633D85BC8C37AE42C47B90B2F1162DBA69E5154EF4356CCC5BC437A0A297FE13A18
                                                  File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1 ..PN..PN..PN.*_...PN..PO.JPN.*_...PN..s~..PN..VH..PN.Rich.PN.........................PE..L...g..d.................h...".....

                                                  File Icon

                                                  Icon Hash:c769eccc64f6e2bb

                                                  Static PE Info

                                                  General

                                                  Entrypoint:0x403645
                                                  Entrypoint Section:.text
                                                  Digitally signed:true
                                                  Imagebase:0x400000
                                                  Subsystem:windows gui
                                                  Image File Characteristics:RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
                                                  DLL Characteristics:DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                                                  Time Stamp:0x64A0DC67 [Sun Jul 2 02:09:43 2023 UTC]
                                                  TLS Callbacks:
                                                  CLR (.Net) Version:
                                                  OS Version Major:4
                                                  OS Version Minor:0
                                                  File Version Major:4
                                                  File Version Minor:0
                                                  Subsystem Version Major:4
                                                  Subsystem Version Minor:0
                                                  Import Hash:9dda1a1d1f8a1d13ae0297b47046b26e

                                                  Authenticode Signature

                                                  Signature Valid:true
                                                  Signature Issuer:CN=Sectigo Public Code Signing CA R36, O=Sectigo Limited, C=GB
                                                  Signature Validation Error:The operation completed successfully
                                                  Error Number:0
                                                  Not Before, Not After
                                                  • 18/02/2022 01:00:00 18/02/2025 00:59:59
                                                  Subject Chain
                                                  • CN=Tim Kosse, O=Tim Kosse, S=Nordrhein-Westfalen, C=DE
                                                  Version:3
                                                  Thumbprint MD5:D2F88AEA5C53DD7092E3CD7246907BE2
                                                  Thumbprint SHA-1:E57CE01F6A5E1D4C522BC68488AF53D9BAD13AB7
                                                  Thumbprint SHA-256:ED619A9A79713E12FFB757CF8A51BBA89FBB967EC6223C653F1F8932B0E2A25A
                                                  Serial:31830C370AD7E497633B6EB3A02D69E6

                                                  Entrypoint Preview

                                                  Instruction
                                                  sub esp, 000003F8h
                                                  push ebp
                                                  push esi
                                                  push edi
                                                  push 00000020h
                                                  pop edi
                                                  xor ebp, ebp
                                                  push 00008001h
                                                  mov dword ptr [esp+20h], ebp
                                                  mov dword ptr [esp+18h], 0040A230h
                                                  mov dword ptr [esp+14h], ebp
                                                  call dword ptr [004080A0h]
                                                  mov esi, dword ptr [004080A4h]
                                                  lea eax, dword ptr [esp+34h]
                                                  push eax
                                                  mov dword ptr [esp+4Ch], ebp
                                                  mov dword ptr [esp+0000014Ch], ebp
                                                  mov dword ptr [esp+00000150h], ebp
                                                  mov dword ptr [esp+38h], 0000011Ch
                                                  call esi
                                                  test eax, eax
                                                  jne 00007F4C7531BC2Ah
                                                  lea eax, dword ptr [esp+34h]
                                                  mov dword ptr [esp+34h], 00000114h
                                                  push eax
                                                  call esi
                                                  mov ax, word ptr [esp+48h]
                                                  mov ecx, dword ptr [esp+62h]
                                                  sub ax, 00000053h
                                                  add ecx, FFFFFFD0h
                                                  neg ax
                                                  sbb eax, eax
                                                  mov byte ptr [esp+0000014Eh], 00000004h
                                                  not eax
                                                  and eax, ecx
                                                  mov word ptr [esp+00000148h], ax
                                                  cmp dword ptr [esp+38h], 0Ah
                                                  jnc 00007F4C7531BBF8h
                                                  and word ptr [esp+42h], 0000h
                                                  mov eax, dword ptr [esp+40h]
                                                  movzx ecx, byte ptr [esp+3Ch]
                                                  mov dword ptr [00429B18h], eax
                                                  xor eax, eax
                                                  mov ah, byte ptr [esp+38h]
                                                  movzx eax, ax
                                                  or eax, ecx
                                                  xor ecx, ecx
                                                  mov ch, byte ptr [esp+00000148h]
                                                  movzx ecx, cx
                                                  shl eax, 10h
                                                  or eax, ecx
                                                  movzx ecx, byte ptr [esp+0000004Eh]

                                                  Rich Headers

                                                  Programming Language:
                                                  • [EXP] VC++ 6.0 SP5 build 8804

                                                  Data Directories

                                                  NameVirtual AddressVirtual Size Is in Section
                                                  IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                  IMAGE_DIRECTORY_ENTRY_IMPORT0x84fc0xa0.rdata
                                                  IMAGE_DIRECTORY_ENTRY_RESOURCE0x6a0000xa3a0.rsrc
                                                  IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                  IMAGE_DIRECTORY_ENTRY_SECURITY0xbd4b480x3048
                                                  IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
                                                  IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                  IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                  IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                  IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                  IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                  IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                  IMAGE_DIRECTORY_ENTRY_IAT0x80000x2a8.rdata
                                                  IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                  IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                  IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                  Sections

                                                  NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                  .text0x10000x66b70x6800e65344ac983813901119e185754ec24eFalse0.6607196514423077data6.4378696011937135IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                  .rdata0x80000x13580x1400bd82d08a08da8783923a22b467699302False0.4431640625data5.103358601944578IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                  .data0xa0000x1fb780x600caa377d001cfc3215a3edff6d7702132False0.5091145833333334data4.126209888385862IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                  .ndata0x2a0000x400000x0d41d8cd98f00b204e9800998ecf8427eFalse0empty0.0IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                  .rsrc0x6a0000xa3a00xa40019461ce50ea1a1c3b9135c6e656e070fFalse0.6042301829268293data6.5733049598238456IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

                                                  Resources

                                                  NameRVASizeTypeLanguageCountryZLIB Complexity
                                                  RT_BITMAP0x6a3a00x666Device independent bitmap graphic, 96 x 16 x 8, image size 1538, resolution 2868 x 2868 px/m, 15 important colorsEnglishUnited States0.18192918192918192
                                                  RT_ICON0x6aa080x485dPNG image data, 256 x 256, 8-bit/color RGBA, non-interlacedEnglishUnited States1.000863697705803
                                                  RT_ICON0x6f2680x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 9216EnglishUnited States0.1892116182572614
                                                  RT_ICON0x718100xea8Device independent bitmap graphic, 48 x 96 x 8, image size 2304EnglishUnited States0.34808102345415776
                                                  RT_ICON0x726b80x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 1024EnglishUnited States0.3993682310469314
                                                  RT_ICON0x72f600x568Device independent bitmap graphic, 16 x 32 x 8, image size 256EnglishUnited States0.3432080924855491
                                                  RT_DIALOG0x734c80xb4dataEnglishUnited States0.6111111111111112
                                                  RT_DIALOG0x735800x120dataEnglishUnited States0.5138888888888888
                                                  RT_DIALOG0x736a00x158dataEnglishUnited States0.5261627906976745
                                                  RT_DIALOG0x737f80x202dataEnglishUnited States0.4085603112840467
                                                  RT_DIALOG0x73a000xf8dataEnglishUnited States0.6290322580645161
                                                  RT_DIALOG0x73af80xa0dataEnglishUnited States0.60625
                                                  RT_DIALOG0x73b980xeedataEnglishUnited States0.6302521008403361
                                                  RT_GROUP_ICON0x73c880x4cdataEnglishUnited States0.7763157894736842
                                                  RT_VERSION0x73cd80x2a0dataEnglishUnited States0.47470238095238093
                                                  RT_MANIFEST0x73f780x423XML 1.0 document, ASCII text, with very long lines (1059), with no line terminatorsEnglishUnited States0.5127478753541076

                                                  Imports

                                                  DLLImport
                                                  ADVAPI32.dllRegEnumValueW, RegEnumKeyW, RegQueryValueExW, RegSetValueExW, RegCloseKey, RegDeleteValueW, RegDeleteKeyW, AdjustTokenPrivileges, LookupPrivilegeValueW, OpenProcessToken, RegOpenKeyExW, RegCreateKeyExW
                                                  SHELL32.dllSHGetPathFromIDListW, SHBrowseForFolderW, SHGetFileInfoW, SHFileOperationW, ShellExecuteExW
                                                  ole32.dllCoCreateInstance, OleUninitialize, OleInitialize, IIDFromString, CoTaskMemFree
                                                  COMCTL32.dllImageList_Destroy, ImageList_AddMasked, ImageList_Create
                                                  USER32.dllMessageBoxIndirectW, GetDlgItemTextW, SetDlgItemTextW, CreatePopupMenu, AppendMenuW, TrackPopupMenu, OpenClipboard, EmptyClipboard, SetClipboardData, CloseClipboard, IsWindowVisible, CallWindowProcW, GetMessagePos, CheckDlgButton, LoadCursorW, SetCursor, GetSysColor, SetWindowPos, GetWindowLongW, IsWindowEnabled, SetClassLongW, GetSystemMenu, EnableMenuItem, GetWindowRect, ScreenToClient, EndDialog, RegisterClassW, SystemParametersInfoW, CharPrevW, GetClassInfoW, DialogBoxParamW, CharNextW, ExitWindowsEx, DestroyWindow, CreateDialogParamW, SetTimer, SetWindowTextW, PostQuitMessage, SetForegroundWindow, ShowWindow, wsprintfW, SendMessageTimeoutW, FindWindowExW, IsWindow, GetDlgItem, SetWindowLongW, LoadImageW, GetDC, ReleaseDC, EnableWindow, InvalidateRect, SendMessageW, DefWindowProcW, BeginPaint, GetClientRect, FillRect, DrawTextW, EndPaint, CharNextA, wsprintfA, DispatchMessageW, CreateWindowExW, PeekMessageW, GetSystemMetrics
                                                  GDI32.dllGetDeviceCaps, SetBkColor, SelectObject, DeleteObject, CreateBrushIndirect, CreateFontIndirectW, SetBkMode, SetTextColor
                                                  KERNEL32.dllRemoveDirectoryW, lstrcmpiA, GetTempFileNameW, CreateProcessW, CreateDirectoryW, GetLastError, CreateThread, GlobalLock, GlobalUnlock, GetDiskFreeSpaceW, WideCharToMultiByte, lstrcpynW, lstrlenW, SetErrorMode, GetVersionExW, GetCommandLineW, GetTempPathW, GetWindowsDirectoryW, SetEnvironmentVariableW, WriteFile, ExitProcess, GetCurrentProcess, GetModuleFileNameW, GetFileSize, CreateFileW, GetTickCount, Sleep, SetFileAttributesW, GetFileAttributesW, SetCurrentDirectoryW, MoveFileW, GetFullPathNameW, GetShortPathNameW, SearchPathW, CompareFileTime, SetFileTime, CloseHandle, lstrcmpiW, lstrcmpW, ExpandEnvironmentStringsW, GlobalFree, GlobalAlloc, GetModuleHandleW, LoadLibraryExW, FreeLibrary, WritePrivateProfileStringW, GetPrivateProfileStringW, lstrlenA, MultiByteToWideChar, ReadFile, SetFilePointer, FindClose, FindNextFileW, FindFirstFileW, DeleteFileW, MulDiv, lstrcpyA, MoveFileExW, lstrcatW, GetSystemDirectoryW, GetProcAddress, GetModuleHandleA, GetExitCodeProcess, WaitForSingleObject, CopyFileW

                                                  Possible Origin

                                                  Language of compilation systemCountry where language is spokenMap
                                                  EnglishUnited States

                                                  Network Behavior

                                                  Suricata IDS Alerts

                                                  TimestampProtocolSIDSignatureSource PortDest PortSource IPDest IP
                                                  2024-07-22T12:52:20.710966+0200TCP2849740ETPRO ADWARE_PUP Suspicious Domain (flow .lavasoft .com) in TLS SNI49767443192.168.2.8104.16.149.130
                                                  2024-07-22T12:52:10.230018+0200TCP2849740ETPRO ADWARE_PUP Suspicious Domain (flow .lavasoft .com) in TLS SNI49756443192.168.2.8104.16.149.130
                                                  2024-07-22T12:52:13.276896+0200TCP2849740ETPRO ADWARE_PUP Suspicious Domain (flow .lavasoft .com) in TLS SNI49760443192.168.2.8104.16.149.130
                                                  2024-07-22T12:52:09.448983+0200TCP2849740ETPRO ADWARE_PUP Suspicious Domain (flow .lavasoft .com) in TLS SNI49753443192.168.2.8104.16.149.130
                                                  2024-07-22T12:52:16.623558+0200TCP2849740ETPRO ADWARE_PUP Suspicious Domain (flow .lavasoft .com) in TLS SNI49764443192.168.2.8104.16.149.130
                                                  2024-07-22T12:52:14.819899+0200TCP2849740ETPRO ADWARE_PUP Suspicious Domain (flow .lavasoft .com) in TLS SNI49762443192.168.2.8104.16.149.130
                                                  2024-07-22T12:53:34.014772+0200TCP2849740ETPRO ADWARE_PUP Suspicious Domain (flow .lavasoft .com) in TLS SNI49775443192.168.2.8104.16.149.130
                                                  2024-07-22T12:51:59.048344+0200TCP2849740ETPRO ADWARE_PUP Suspicious Domain (flow .lavasoft .com) in TLS SNI49748443192.168.2.8104.16.149.130
                                                  2024-07-22T12:52:12.515625+0200TCP2849740ETPRO ADWARE_PUP Suspicious Domain (flow .lavasoft .com) in TLS SNI49759443192.168.2.8104.16.149.130
                                                  2024-07-22T12:52:10.988342+0200TCP2849740ETPRO ADWARE_PUP Suspicious Domain (flow .lavasoft .com) in TLS SNI49757443192.168.2.8104.16.149.130
                                                  2024-07-22T12:52:18.083826+0200TCP2849740ETPRO ADWARE_PUP Suspicious Domain (flow .lavasoft .com) in TLS SNI49766443192.168.2.8104.16.149.130
                                                  2024-07-22T12:53:28.888202+0200TCP2849740ETPRO ADWARE_PUP Suspicious Domain (flow .lavasoft .com) in TLS SNI49770443192.168.2.8104.16.149.130
                                                  2024-07-22T12:53:35.223095+0200TCP2849740ETPRO ADWARE_PUP Suspicious Domain (flow .lavasoft .com) in TLS SNI49779443192.168.2.8104.16.149.130
                                                  2024-07-22T12:52:15.652589+0200TCP2849740ETPRO ADWARE_PUP Suspicious Domain (flow .lavasoft .com) in TLS SNI49763443192.168.2.8104.16.149.130
                                                  2024-07-22T12:52:17.325088+0200TCP2849740ETPRO ADWARE_PUP Suspicious Domain (flow .lavasoft .com) in TLS SNI49765443192.168.2.8104.16.149.130
                                                  2024-07-22T12:52:14.168629+0200TCP2849740ETPRO ADWARE_PUP Suspicious Domain (flow .lavasoft .com) in TLS SNI49761443192.168.2.8104.16.149.130
                                                  2024-07-22T12:52:11.790870+0200TCP2849740ETPRO ADWARE_PUP Suspicious Domain (flow .lavasoft .com) in TLS SNI49758443192.168.2.8104.16.149.130
                                                  2024-07-22T12:51:49.871551+0200TCP2849740ETPRO ADWARE_PUP Suspicious Domain (flow .lavasoft .com) in TLS SNI49741443192.168.2.8104.16.149.130

                                                  Network Port Distribution

                                                  TCP Packets

                                                  TimestampSource PortDest PortSource IPDest IP
                                                  Jul 22, 2024 12:50:19.901449919 CEST49707443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:19.901510000 CEST4434970749.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:19.901592016 CEST49707443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:19.912446976 CEST49707443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:19.912476063 CEST4434970749.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:20.589186907 CEST4434970749.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:20.589389086 CEST49707443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:20.761590004 CEST49707443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:20.761622906 CEST4434970749.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:20.762031078 CEST4434970749.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:20.762092113 CEST49707443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:20.766097069 CEST49707443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:20.812513113 CEST4434970749.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:20.963141918 CEST4434970749.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:20.963175058 CEST4434970749.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:20.963253021 CEST4434970749.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:20.963339090 CEST49707443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:20.963406086 CEST49707443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:20.971191883 CEST49707443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:20.971227884 CEST4434970749.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:29.211442947 CEST49708443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:29.211493015 CEST4434970849.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:29.212012053 CEST49708443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:29.212012053 CEST49708443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:29.212045908 CEST4434970849.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:29.881594896 CEST4434970849.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:29.881705046 CEST49708443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:29.882354021 CEST49708443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:29.882363081 CEST4434970849.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:29.882560968 CEST49708443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:29.882565975 CEST4434970849.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:30.170192957 CEST4434970849.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:30.170259953 CEST4434970849.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:30.170408964 CEST49708443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:30.170408964 CEST49708443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:30.173216105 CEST49708443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:30.173230886 CEST4434970849.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:30.173254967 CEST49708443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:30.173286915 CEST49708443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:30.183321953 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:30.183368921 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:30.183585882 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:30.183779955 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:30.183804989 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:30.842092991 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:30.842178106 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:30.846478939 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:30.846493006 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:30.846755028 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:30.846824884 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:30.847090006 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:30.888499022 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:30.952634096 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:30.952723026 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:30.952828884 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:30.952830076 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:30.952898979 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:30.952964067 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:30.952977896 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:30.953047037 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:30.953694105 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:30.953754902 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:30.953768015 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:30.953820944 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:30.954361916 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:30.954416037 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:30.954427958 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:30.954478979 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:30.955137968 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:30.955219984 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:30.955233097 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:30.955295086 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:30.955837965 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:30.955902100 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:30.955914974 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:30.955977917 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:30.956619978 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:30.956681013 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:30.956692934 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:30.956756115 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.039165020 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.039412975 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.039480925 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.039562941 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.039755106 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.039820910 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.040376902 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.040446043 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.040730000 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.040796041 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.041019917 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.041069984 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.041695118 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.041758060 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.041779995 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.041841984 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.041857004 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.041918993 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.042363882 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.042427063 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.042895079 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.042948961 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.042972088 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.043035984 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.043632984 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.043690920 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.043710947 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.043776035 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.044372082 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.044430017 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.044449091 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.044502974 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.045119047 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.045171976 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.045861959 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.046006918 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.046066046 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.046088934 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.046118021 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.046147108 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.046472073 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.046535969 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.046555042 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.046614885 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.046633959 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.046695948 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.047347069 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.047409058 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.083127975 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.083326101 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.083389044 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.083472967 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.126351118 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.126475096 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.126538038 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.126614094 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.127356052 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.127443075 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.128149033 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.128237009 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.128251076 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.128326893 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.129820108 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.129898071 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.130789995 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.130886078 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.131716967 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.131795883 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.132700920 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.132781982 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.133694887 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.133785963 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.134483099 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.134565115 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.135294914 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.135366917 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.135988951 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.136054993 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.136814117 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.136888027 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.137639046 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.137711048 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.138418913 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.138487101 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.169997931 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.170219898 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.213365078 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.213471889 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.213879108 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.213963985 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.214989901 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.215068102 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.215862036 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.215938091 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.216717005 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.216808081 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.217576981 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.217649937 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.218473911 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.218547106 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.219335079 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.219407082 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.220036030 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.220107079 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.220979929 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.221057892 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.221071959 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.221141100 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.221883059 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.221954107 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.222846031 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.222923994 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.222938061 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.222970963 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.223006010 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.223032951 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.223771095 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.223854065 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.224759102 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.224838018 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.225589991 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.225656033 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.226517916 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.226583958 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.227327108 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.227400064 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.227423906 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.227490902 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.228112936 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.228190899 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.228203058 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.228228092 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.228261948 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.228285074 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.256861925 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.257076979 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.257342100 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.257426023 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.300805092 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.301028013 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.301948071 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.301970005 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.302009106 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.302054882 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.302054882 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.302103043 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.302139044 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.302161932 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.304622889 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.304675102 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.304725885 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.304739952 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.304769039 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.304792881 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.307209969 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.307254076 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.307296038 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.307307959 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.307336092 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.307356119 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.309561014 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.309612036 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.309684038 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.309684038 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.309699059 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.309751987 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.311419964 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.311525106 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.312510014 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.312522888 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.312592983 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.314034939 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.314075947 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.314138889 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.314151049 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.314193010 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.314213991 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.315843105 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.315881968 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.315937042 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.315948963 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.315980911 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.316000938 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.387681007 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.387737036 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.387980938 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.388046026 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.388123989 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.389173985 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.389215946 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.389281034 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.389316082 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.389349937 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.389393091 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.391557932 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.391599894 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.391652107 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.391694069 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.391724110 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.391757965 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.393357038 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.393407106 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.393455982 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.393501043 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.393537045 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.393563986 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.394891024 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.394942999 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.394999981 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.395035028 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.395070076 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.395090103 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.396792889 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.396842003 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.396898031 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.396936893 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.396971941 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.396994114 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.398720980 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.398761988 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.398828030 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.398859978 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.398894072 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.398914099 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.399612904 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.399655104 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.399698019 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.399708986 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.399724960 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.399750948 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.474056959 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.474098921 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.474200010 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.474232912 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.474284887 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.475519896 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.475548983 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.475632906 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.475640059 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.475692987 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.477432966 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.477451086 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.477530956 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.477546930 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.477591991 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.478363991 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.478383064 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.478465080 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.478477001 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.478528023 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.480196953 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.480215073 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.480310917 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.480323076 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.480384111 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.481089115 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.481143951 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:31.481164932 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.481189013 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.481334925 CEST49709443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:31.481353998 CEST44349709104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:35.299911976 CEST49714443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:35.299957991 CEST4434971449.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:35.300050974 CEST49714443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:35.300374031 CEST49714443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:35.300390959 CEST4434971449.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:36.199510098 CEST4434971449.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:36.199759007 CEST49714443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:36.200392008 CEST49714443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:36.200418949 CEST4434971449.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:36.200546026 CEST49714443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:36.200551987 CEST4434971449.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:36.494309902 CEST4434971449.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:36.494467020 CEST4434971449.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:36.494513035 CEST49714443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:36.494539976 CEST49714443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:36.494769096 CEST49714443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:36.494786024 CEST4434971449.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:36.494797945 CEST49714443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:36.494834900 CEST49714443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:36.495238066 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:36.495268106 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:36.495434999 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:36.495522022 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:36.495532990 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:36.518557072 CEST49716443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:36.518587112 CEST4434971649.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:36.518651962 CEST49716443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:36.518862963 CEST49716443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:36.518877029 CEST4434971649.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:37.066365004 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.066554070 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.067265034 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.067282915 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.067509890 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.067514896 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.172596931 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.172710896 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.172724962 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.172776937 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.172924995 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.172975063 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.173141003 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.173193932 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.173413038 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.173465967 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.173506021 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.173557997 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.173599958 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.173650026 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.173693895 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.173743010 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.173783064 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.173831940 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.173876047 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.173937082 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.173960924 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.174006939 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.174050093 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.174101114 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.174141884 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.174189091 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.212407112 CEST4434971649.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:37.212521076 CEST49716443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:37.212874889 CEST49716443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:37.212887049 CEST4434971649.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:37.213047028 CEST49716443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:37.213052034 CEST4434971649.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:37.263272047 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.263361931 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.263427019 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.263475895 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.263509035 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.263552904 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.263794899 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.263957024 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.263967037 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.264014006 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.264049053 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.264100075 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.264130116 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.264187098 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.264209986 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.264256954 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.264291048 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.264342070 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.264374971 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.264425993 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.264519930 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.264570951 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.264700890 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.264755011 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.264894009 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.264944077 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.264974117 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.265019894 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.265057087 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.265115976 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.265140057 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.265189886 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.265527964 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.265578985 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.265703917 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.265753984 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.266863108 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.266911983 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.266916990 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.266928911 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.266963005 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.266971111 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.267018080 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.267024994 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.267071009 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.350584030 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.350636005 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.350658894 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.350660086 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.350703001 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.350720882 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.350720882 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.350742102 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.350881100 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.350928068 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.351043940 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.351092100 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.351366043 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.351423025 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.351890087 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.351943016 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.352199078 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.352246046 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.352674007 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.352732897 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.353168964 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.353225946 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.353640079 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.353693008 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.354125023 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.354181051 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.354603052 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.354657888 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.355063915 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.355118990 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.355585098 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.355638981 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.355693102 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.355741024 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.439032078 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.439254999 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.439408064 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.439475060 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.439522982 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.439598083 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.440021992 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.440099001 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.440363884 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.440437078 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.440836906 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.440897942 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.441382885 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.441443920 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.441472054 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.441530943 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.441960096 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.442018986 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.442650080 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.442708015 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.442733049 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.442791939 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.443587065 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.443649054 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.443674088 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.443730116 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.444210052 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.444267035 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.444817066 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.444878101 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.444910049 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.444969893 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.445008039 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.445064068 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.445090055 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.445147991 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.445872068 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.445936918 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.445960045 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.446022034 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.446737051 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.446799994 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.446834087 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.446891069 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.446923971 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.446981907 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.447005987 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.447062016 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.507025957 CEST4434971649.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:37.507193089 CEST4434971649.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:37.507314920 CEST49716443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:37.507314920 CEST49716443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:37.507484913 CEST49716443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:37.507508993 CEST4434971649.12.121.47192.168.2.8
                                                  Jul 22, 2024 12:50:37.507519007 CEST49716443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:37.507555962 CEST49716443192.168.2.849.12.121.47
                                                  Jul 22, 2024 12:50:37.507988930 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.508032084 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.508101940 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.508280039 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.508291960 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.526913881 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.527004004 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.527208090 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.527271032 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.527285099 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.527343035 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.527916908 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.527975082 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.528000116 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.528057098 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.533322096 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.533343077 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.533379078 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.533390045 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.533407927 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.533428907 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.533449888 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.533581972 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.533648968 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.534034014 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.534096956 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.534164906 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.534203053 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.534229994 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.534238100 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.534249067 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.534267902 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.534276009 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.534332037 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.534370899 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.534396887 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.534404039 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.534427881 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.534436941 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.534476995 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.534514904 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.534538984 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.534544945 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.534573078 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.534584999 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.535289049 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.535331964 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.535357952 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.535363913 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.535389900 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.535399914 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.615345001 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.615472078 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.615475893 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.615506887 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.615550995 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.615894079 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.616112947 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.616162062 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.616192102 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.616204023 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.616234064 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.616241932 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.616993904 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.617038012 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.617063999 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.617069960 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.617094994 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.617115974 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.617820978 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.617866039 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.617917061 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.617924929 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.617955923 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.617955923 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.619740009 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.619785070 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.619817972 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.619823933 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.619843006 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.619862080 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.620820045 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.620882034 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.620891094 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.620908022 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.620938063 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.620945930 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.621731043 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.621774912 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.621798992 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.621805906 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.621822119 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.621841908 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.622706890 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.622756958 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.622786999 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.622793913 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.622819901 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.622833014 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.702550888 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.702604055 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.702692032 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.702716112 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.702733040 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.702769995 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.703012943 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.703054905 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.703073978 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.703083038 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.703108072 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.703116894 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.704551935 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.704598904 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.704627991 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.704641104 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.704655886 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.704673052 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.705446959 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.705467939 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.705521107 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.705533028 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.705565929 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.706434011 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.706446886 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.706497908 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.706511974 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.706542015 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.707405090 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.707417965 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.707468987 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.707480907 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.707516909 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.708439112 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.708452940 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.708507061 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.708518982 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.708558083 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.708718061 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.708774090 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:37.708779097 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.708811045 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.708976984 CEST49715443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:37.708996058 CEST44349715104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.071532011 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.071592093 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.072341919 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.072350979 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.072597027 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.072602034 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.182522058 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.182595015 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.182609081 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.182648897 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.182679892 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.182725906 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.182779074 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.182821035 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.182863951 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.182904005 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.182949066 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.182992935 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.183037043 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.183078051 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.183121920 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.183162928 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.183191061 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.183233976 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.186418056 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.186475992 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.186547995 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.186590910 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.186636925 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.186691046 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.186732054 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.186773062 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.187602043 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.187644005 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.269737005 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.269797087 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.269833088 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.269890070 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.269893885 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.269927025 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.269931078 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.269967079 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.269970894 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.270008087 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.270011902 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.270051003 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.270056009 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.270091057 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.270260096 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.270298958 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.275413036 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.275454998 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.275465012 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.275504112 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.275507927 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.275542974 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.275620937 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.275660038 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.275742054 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.275778055 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.275784016 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.275820971 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.275826931 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.275872946 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.276046038 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.276081085 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.276096106 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.276134014 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.276149035 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.276185989 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.276194096 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.276228905 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.276245117 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.276279926 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.276284933 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.276321888 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.276525021 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.276561022 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.276582003 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.276618004 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.276629925 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.276664972 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.276673079 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.276710033 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.276788950 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.276823997 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.363962889 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.364038944 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.364129066 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.364177942 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.364257097 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.364312887 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.364381075 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.364425898 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.364536047 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.364579916 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.364768982 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.364821911 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.364862919 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.364916086 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.365282059 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.365329981 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.365406036 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.365453959 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.365775108 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.365824938 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.365874052 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.365920067 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.366359949 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.366411924 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.366637945 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.366688013 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.366856098 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.366904974 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.366991997 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.367053032 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.367228985 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.367288113 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.367330074 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.367379904 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.675138950 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.675225019 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.675374031 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.675434113 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.675705910 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.675765991 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.675893068 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.675951004 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.675998926 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.676062107 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.676090956 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.676143885 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.676752090 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.676803112 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.676842928 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.676896095 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.677465916 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.677521944 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.677567959 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.677620888 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.677659035 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.677712917 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.677987099 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.678042889 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.678109884 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.678164005 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.678211927 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.678267002 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.678302050 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.678355932 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.678980112 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.679050922 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.679085970 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.679136992 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.679177999 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.679230928 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.680051088 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.680108070 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.680166006 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.680219889 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.680265903 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.680318117 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.680358887 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.680412054 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.680870056 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.680926085 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.680977106 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.681030989 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.681066990 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.681121111 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.684187889 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.684210062 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.684251070 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.684263945 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.684278011 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.684292078 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.684313059 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.684324026 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.684978008 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.685025930 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.685051918 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.685056925 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.685091972 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.685111046 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.689243078 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.689286947 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.689340115 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.689346075 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.689373970 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.689393044 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.690021992 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.690068007 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.690095901 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.690100908 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.690129042 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.690141916 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.693126917 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.693173885 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.693186998 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.693202972 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.693223000 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.693242073 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.693252087 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.694031000 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.694077969 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.694081068 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.694108963 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.694113970 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.694140911 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.694154024 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.694700956 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.694745064 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.694765091 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.694771051 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.694802999 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.694813967 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.696237087 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.696280956 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.696306944 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.696311951 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.696351051 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.696363926 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.697390079 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.697433949 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.697462082 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.697467089 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.697509050 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.697779894 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.697823048 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.697851896 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.697856903 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.697889090 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.697901011 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.698786020 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.698827028 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.698863029 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.698867083 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.698894978 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.698908091 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.699534893 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.699573994 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.699613094 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.699616909 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.699630022 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.699660063 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.700710058 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.700752020 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.700781107 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.700786114 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.700818062 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.700834990 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.701507092 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.701549053 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.701597929 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.701603889 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.701633930 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.701647997 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.702822924 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.702862978 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.702892065 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.702898026 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.702940941 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.702940941 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.717216015 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.717252016 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.717292070 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.717303038 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.717336893 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.717354059 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.718044996 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.718066931 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.718132973 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.718139887 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.718187094 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.718801975 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.718832970 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.718885899 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.718890905 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.718902111 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.718934059 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.719579935 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.719600916 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.719650984 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:38.928514004 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:38.928602934 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:39.140516043 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:39.140621901 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:39.564505100 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:39.564603090 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:40.392548084 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:40.392647982 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:40.705002069 CEST4972080192.168.2.8104.16.148.130
                                                  Jul 22, 2024 12:50:40.710062981 CEST8049720104.16.148.130192.168.2.8
                                                  Jul 22, 2024 12:50:40.710448980 CEST4972080192.168.2.8104.16.148.130
                                                  Jul 22, 2024 12:50:40.710808992 CEST4972080192.168.2.8104.16.148.130
                                                  Jul 22, 2024 12:50:40.715701103 CEST8049720104.16.148.130192.168.2.8
                                                  Jul 22, 2024 12:50:40.715789080 CEST4972080192.168.2.8104.16.148.130
                                                  Jul 22, 2024 12:50:40.721019983 CEST8049720104.16.148.130192.168.2.8
                                                  Jul 22, 2024 12:50:41.232688904 CEST8049720104.16.148.130192.168.2.8
                                                  Jul 22, 2024 12:50:41.261960030 CEST4972080192.168.2.8104.16.148.130
                                                  Jul 22, 2024 12:50:41.266871929 CEST8049720104.16.148.130192.168.2.8
                                                  Jul 22, 2024 12:50:41.266940117 CEST4972080192.168.2.8104.16.148.130
                                                  Jul 22, 2024 12:50:41.271877050 CEST8049720104.16.148.130192.168.2.8
                                                  Jul 22, 2024 12:50:41.392436028 CEST8049720104.16.148.130192.168.2.8
                                                  Jul 22, 2024 12:50:41.401196957 CEST4972080192.168.2.8104.16.148.130
                                                  Jul 22, 2024 12:50:41.406121016 CEST8049720104.16.148.130192.168.2.8
                                                  Jul 22, 2024 12:50:41.406202078 CEST4972080192.168.2.8104.16.148.130
                                                  Jul 22, 2024 12:50:41.411257029 CEST8049720104.16.148.130192.168.2.8
                                                  Jul 22, 2024 12:50:41.639314890 CEST8049720104.16.148.130192.168.2.8
                                                  Jul 22, 2024 12:50:41.657022953 CEST4972080192.168.2.8104.16.148.130
                                                  Jul 22, 2024 12:50:41.661943913 CEST8049720104.16.148.130192.168.2.8
                                                  Jul 22, 2024 12:50:41.662017107 CEST4972080192.168.2.8104.16.148.130
                                                  Jul 22, 2024 12:50:41.666901112 CEST8049720104.16.148.130192.168.2.8
                                                  Jul 22, 2024 12:50:41.784491062 CEST8049720104.16.148.130192.168.2.8
                                                  Jul 22, 2024 12:50:41.805897951 CEST4972080192.168.2.8104.16.148.130
                                                  Jul 22, 2024 12:50:41.811939955 CEST8049720104.16.148.130192.168.2.8
                                                  Jul 22, 2024 12:50:41.812074900 CEST4972080192.168.2.8104.16.148.130
                                                  Jul 22, 2024 12:50:41.816962004 CEST8049720104.16.148.130192.168.2.8
                                                  Jul 22, 2024 12:50:41.975637913 CEST8049720104.16.148.130192.168.2.8
                                                  Jul 22, 2024 12:50:41.984899044 CEST4972080192.168.2.8104.16.148.130
                                                  Jul 22, 2024 12:50:41.989710093 CEST8049720104.16.148.130192.168.2.8
                                                  Jul 22, 2024 12:50:41.989769936 CEST4972080192.168.2.8104.16.148.130
                                                  Jul 22, 2024 12:50:41.994704008 CEST8049720104.16.148.130192.168.2.8
                                                  Jul 22, 2024 12:50:42.056504965 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:42.056557894 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:42.151127100 CEST8049720104.16.148.130192.168.2.8
                                                  Jul 22, 2024 12:50:42.160337925 CEST4972080192.168.2.8104.16.148.130
                                                  Jul 22, 2024 12:50:42.165242910 CEST8049720104.16.148.130192.168.2.8
                                                  Jul 22, 2024 12:50:42.165294886 CEST4972080192.168.2.8104.16.148.130
                                                  Jul 22, 2024 12:50:42.170088053 CEST8049720104.16.148.130192.168.2.8
                                                  Jul 22, 2024 12:50:42.327850103 CEST8049720104.16.148.130192.168.2.8
                                                  Jul 22, 2024 12:50:42.349273920 CEST4972080192.168.2.8104.16.148.130
                                                  Jul 22, 2024 12:50:42.354337931 CEST8049720104.16.148.130192.168.2.8
                                                  Jul 22, 2024 12:50:42.354393959 CEST4972080192.168.2.8104.16.148.130
                                                  Jul 22, 2024 12:50:42.359361887 CEST8049720104.16.148.130192.168.2.8
                                                  Jul 22, 2024 12:50:42.520427942 CEST8049720104.16.148.130192.168.2.8
                                                  Jul 22, 2024 12:50:42.566065073 CEST4972080192.168.2.8104.16.148.130
                                                  Jul 22, 2024 12:50:42.940222979 CEST4972380192.168.2.864.18.87.82
                                                  Jul 22, 2024 12:50:42.945080996 CEST804972364.18.87.82192.168.2.8
                                                  Jul 22, 2024 12:50:42.945151091 CEST4972380192.168.2.864.18.87.82
                                                  Jul 22, 2024 12:50:42.949088097 CEST4972380192.168.2.864.18.87.82
                                                  Jul 22, 2024 12:50:42.949198961 CEST4972380192.168.2.864.18.87.82
                                                  Jul 22, 2024 12:50:42.953933001 CEST804972364.18.87.82192.168.2.8
                                                  Jul 22, 2024 12:50:42.953952074 CEST804972364.18.87.82192.168.2.8
                                                  Jul 22, 2024 12:50:43.418436050 CEST804972364.18.87.82192.168.2.8
                                                  Jul 22, 2024 12:50:43.418459892 CEST804972364.18.87.82192.168.2.8
                                                  Jul 22, 2024 12:50:43.418589115 CEST4972380192.168.2.864.18.87.82
                                                  Jul 22, 2024 12:50:43.762774944 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:43.767807007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:43.768069983 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:43.768233061 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:43.773046970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.225122929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.225142002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.225153923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.225195885 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.225214958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.225228071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.225270987 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.225353956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.225364923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.225375891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.225399971 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.225433111 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.225507975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.225519896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.225570917 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.230026007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.230076075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.230129957 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.312663078 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.312684059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.312696934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.312741995 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.312753916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.312762976 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.312766075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.312777996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.312791109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.312829971 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.312856913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.312859058 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.312922955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.313283920 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.313600063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.313664913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.313676119 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.313709974 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.313781023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.313792944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.313833952 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.314469099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.314486980 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.314497948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.314521074 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.314552069 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.314635992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.314647913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.314692974 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.317593098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.317611933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.317656994 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.317662954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.317676067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.317712069 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.399540901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.399591923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.399604082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.399616957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.399630070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.399652958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.399668932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.399677038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.399683952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.399682999 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.399698973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.399727106 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.399749994 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.399869919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.399943113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.399955988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.400116920 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.400121927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.400137901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.400151968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.400165081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.400203943 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.400217056 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.400274992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.400295019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.400307894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.400377035 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.400697947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.400710106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.400721073 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.400763035 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.400763988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.400778055 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.400789976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.400804996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.400816917 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.400856972 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.400996923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.401010036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.401022911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.401110888 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.401146889 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.401645899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.401664019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.401674986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.401690960 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.401731968 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.401834011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.401844978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.401855946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.401868105 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.401882887 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.401906013 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.402113914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.402124882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.402131081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.402136087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.402252913 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.485728979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.485750914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.485765934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.485780954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.485846996 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.485958099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.486093998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.486107111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.486150026 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.486160994 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.486175060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.486186981 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.486202955 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.486238956 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.486361980 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.486375093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.486388922 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.486403942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.486412048 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.486462116 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.486605883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.486618996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.486630917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.486644030 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.486668110 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.486690998 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.486797094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.486859083 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.486871958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.486902952 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.486943960 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.487057924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.487061977 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.487071991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.487086058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.487098932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.487122059 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.487157106 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.487297058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.487309933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.487323046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.487337112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.487355947 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.487523079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.487536907 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.487544060 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.487550020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.487564087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.487576962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.487591028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.487598896 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.487634897 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.487796068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.487903118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.487915993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.487941980 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.488112926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.488126993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.488138914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.488152027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.488168001 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.488193035 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.488257885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.488271952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.488286018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.488291979 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.488332033 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.488462925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.488476038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.488511086 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.488516092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.488529921 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.488590956 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.488665104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.488743067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.488754988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.488780022 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.488871098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.488883018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.488917112 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.489025116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.489037991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.489052057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.489063025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.489073992 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.489077091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.489100933 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.489123106 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.489258051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.489300013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.489310980 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.489347935 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.489500999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.489545107 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.489617109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.489681959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.489694118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.489784002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.489805937 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.489825010 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.489859104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.489871025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.489912033 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.490000963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.490012884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.490035057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.490046978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.490060091 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.490118027 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.490185022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.490196943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.490236044 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.572246075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.572581053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.572597980 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.572609901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.572621107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.572632074 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.572643042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.572689056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.572701931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.572712898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.572710991 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.572724104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.572735071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.572747946 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.572794914 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.573131084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.573144913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.573157072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.573165894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.573172092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.573183060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.573199034 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.573219061 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.573285103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.573297977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.573307991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.573318005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.573328972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.573332071 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.573338985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.573355913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.573358059 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.573364973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.573374987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.573380947 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.573385000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.573395967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.573405027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.573407888 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.573416948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.573427916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.573443890 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.573467016 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.574084997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.574096918 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.574107885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.574120998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.574142933 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.574166059 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.574326038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.574337959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.574347973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.574359894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.574372053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.574378967 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.574408054 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.574580908 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.574593067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.574631929 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.574687004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.574698925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.574711084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.574722052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.574732065 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.574733019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.574744940 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.574754953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.574759960 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.574767113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.574779034 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.574804068 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.575162888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.575217009 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.575220108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.575232029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.575242043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.575254917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.575267076 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.575304985 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.577668905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.577682018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.577692986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.577756882 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.577795982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.577809095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.577820063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.577831984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.577850103 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.577878952 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.577934027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.577972889 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.577985048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.578031063 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.578052044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.578063965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.578125000 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.578151941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.578164101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.578176022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.578187943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.578216076 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.578262091 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.578293085 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.578325033 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.578337908 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.578388929 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.578474045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.578488111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.578499079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.578514099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.578526974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.578526974 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.578548908 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.578705072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.578716993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.578727961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.578739882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.578756094 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.578799009 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.578955889 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.578968048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.578979969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.578991890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.579003096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.579006910 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.579015017 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.579026937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.579035997 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.579073906 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.579219103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.579231024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.579243898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.579255104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.579267025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.579277039 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.579278946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.579313993 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.579336882 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.582493067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.582506895 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.582519054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.582530022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.582541943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.582555056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.582566977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.582576990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.582582951 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.582590103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.582602024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.582612991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.582623005 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.582652092 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.658668041 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.658694029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.658706903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.658801079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.658813953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.658819914 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.658827066 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.658838034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.658869982 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.659003019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.659079075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.659116983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.659127951 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.659135103 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.659181118 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.659452915 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.659465075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.659476042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.659487963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.659503937 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.659517050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.659528971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.659535885 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.659540892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.659564018 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.659607887 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.659887075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.659898996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.659910917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.659920931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.659933090 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.659936905 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.659944057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.659957886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.659969091 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.659969091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.659981012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.660005093 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.660041094 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.660130978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.660177946 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.660340071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.660351992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.660362005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.660373926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.660384893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.660391092 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.660398006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.660409927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.660420895 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.660432100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.660439014 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.660444975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.660455942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.660463095 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.660468102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.660490036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.660492897 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.660514116 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.660537958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.660550117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.660597086 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.661169052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.661180973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.661197901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.661207914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.661217928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.661226034 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.661230087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.661241055 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.661251068 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.661252022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.661262989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.661276102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.661276102 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.661288023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.661299944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.661310911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.661313057 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.661323071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.661334991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.661336899 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.661365032 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.661391973 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.662163973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.662179947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.662195921 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.662209988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.662218094 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.662221909 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.662235022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.662245035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.662256002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.662257910 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.662266970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.662278891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.662290096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.662292957 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.662301064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.662312031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.662318945 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.662323952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.662334919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.662345886 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.662347078 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.662372112 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.662400007 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.663434029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.663446903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.663453102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.663463116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.663474083 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.663486004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.663499117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.663506985 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.663517952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.663530111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.663542986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.663548946 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.663556099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.663568020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.663572073 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.663583040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.663594961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.663602114 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.663606882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.663619041 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.663631916 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.663661957 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.663810015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.663821936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.663835049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.663847923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.663887024 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.663923979 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.663957119 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.663969040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.663978100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.663989067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.663999081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.664010048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.664021015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.664025068 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.664031982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.664043903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.664055109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.664067030 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.664077997 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.664078951 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.664092064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.664108038 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.664139032 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.664736032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.664750099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.664762020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.664772034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.664792061 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.664822102 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.745148897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.745213985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.745228052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.745277882 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.745332003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.745343924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.745356083 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.745367050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.745382071 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.745424032 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.745596886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.745609045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.745620012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.745630026 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.745640993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.745646954 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.745652914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.745663881 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.745676994 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.745697975 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.745737076 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.746125937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.746139050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.746149063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.746165991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.746176958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.746186972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.746197939 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.746198893 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.746208906 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.746220112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.746231079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.746236086 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.746243000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.746253967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.746264935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.746265888 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.746288061 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.746315002 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.746781111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.746793032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.746803999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.746814013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.746826887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.746836901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.746849060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.746855021 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.746859074 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.746870995 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.746881962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.746891022 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.746932030 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.747368097 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.747380018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.747390032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.747400999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.747411966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.747417927 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.747421026 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.747431993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.747442961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.747447968 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.747453928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.747463942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.747474909 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.747482061 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.747486115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.747508049 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.747536898 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.748047113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.748059988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.748070002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.748081923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.748091936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.748101950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.748111963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.748115063 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.748121977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.748131990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.748136997 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.748142958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.748153925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.748163939 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.748176098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.748186111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.748191118 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.748197079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.748208046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.748215914 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.748254061 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.748946905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.748960018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.748970032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.748980999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.748991966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.748996973 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.749002934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.749012947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.749023914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.749033928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.749044895 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.749048948 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.749054909 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.749066114 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.749075890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.749080896 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.749088049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.749098063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.749118090 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.749300003 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.749855042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.749866009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.749875069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.749885082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.749893904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.749898911 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.749903917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.749913931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.749923944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.749934912 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.749943972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.749953985 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.749953985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.749964952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.749973059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.749983072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.749994040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.750000954 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.750004053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.750031948 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.750725031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.750741959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.750752926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.750763893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.750773907 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.750777960 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.750787020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.750797987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.750807047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.750818014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.750823021 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.750828028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.750838041 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.750848055 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.750858068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.750859022 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.750871897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.750894070 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.799019098 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.831723928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.831753969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.831765890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.831826925 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.831893921 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.831904888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.831914902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.831926107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.831937075 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.831980944 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.832150936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.832161903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.832171917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.832181931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.832191944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.832201958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.832204103 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.832232952 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.832556963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.832566977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.832576036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.832586050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.832596064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.832606077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.832617044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.832618952 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.832628012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.832638025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.832648039 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.832658052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.832659960 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.832669973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.832694054 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.833170891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.833183050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.833192110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.833201885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.833231926 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.833257914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.833259106 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.833267927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.833277941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.833287954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.833302975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.833312035 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.833312988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.833323002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.833333015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.833339930 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.833343983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.833355904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.833365917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.833369017 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.833379030 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.833388090 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.833415031 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.834213972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.834225893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.834234953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.834250927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.834260941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.834270954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.834280968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.834283113 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.834290028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.834307909 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.834321976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.834326982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.834326982 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.834330082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.834333897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.834336042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.834346056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.834352970 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.834356070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.834386110 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.835135937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.835150003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.835155010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.835165977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.835176945 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.835180044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.835186958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.835195065 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.835197926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.835206985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.835216999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.835230112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.835241079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.835252047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.835253954 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.835264921 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.835274935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.835274935 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.835326910 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.836051941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.836065054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.836076021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.836081982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.836091042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.836118937 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.836127043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.836136103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.836144924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.836153984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.836163044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.836163044 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.836173058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.836183071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.836191893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.836198092 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.836201906 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.836211920 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.836221933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.836232901 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.836255074 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.836977005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.836990118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.836999893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.837009907 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.837018967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.837028027 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.837029934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.837040901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.837052107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.837061882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.837071896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.837073088 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.837084055 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.837095022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.837105036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.837116957 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.837121964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.837124109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.837127924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.837141991 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.837169886 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.837738037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.837752104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.837763071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.837776899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.837788105 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.837801933 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.837840080 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.917881966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.917951107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.918030977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.918037891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.918071032 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.918107986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.918121099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.918122053 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.918133974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.918159008 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.918315887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.918328047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.918344021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.918361902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.918380022 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.918387890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.918401003 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.918406010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.918441057 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.918600082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.918618917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.918641090 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.918703079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.918704987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.918709993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.918720961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.918732882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.918747902 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.918786049 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.919133902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.919147015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.919159889 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.919173002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.919183969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.919195890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.919202089 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.919207096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.919229984 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.919425964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.919475079 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.919497967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.919508934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.919544935 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.919642925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.919653893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.919665098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.919672966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.919692993 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.919733047 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.919913054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.919924021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.919934988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.919951916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.919962883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.919974089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.919977903 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.919989109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.920001030 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.920003891 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.920013905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.920023918 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.920041084 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.920587063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.920598984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.920609951 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.920623064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.920634985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.920639038 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.920645952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.920659065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.920661926 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.920670033 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.920680046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.920686007 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.920690060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.920701027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.920706987 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.920712948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.920723915 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.920723915 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.920733929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.920744896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.920756102 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.920775890 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.921499968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.921511889 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.921523094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.921534061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.921544075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.921545982 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.921554089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.921565056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.921575069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.921580076 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.921585083 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.921596050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.921600103 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.921607018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.921617031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.921622992 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.921627998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.921638966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.921643019 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.921650887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.921663046 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.921663046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.921680927 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.921703100 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.922409058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.922420979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.922430992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.922442913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.922452927 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.922452927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.922463894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.922473907 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.922485113 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.922485113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.922496080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.922506094 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.922508001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.922518015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.922528982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.922538996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.922545910 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.922550917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.922560930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.922571898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.922575951 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.922595024 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.922704935 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.923331022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.923342943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.923352003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.923363924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.923373938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.923382044 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.923384905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.923396111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.923409939 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.923419952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.923419952 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.923430920 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.923441887 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.923441887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.923453093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.923464060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.923469067 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.923474073 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.923485994 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.923491001 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.923496962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.923512936 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.923753023 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.924061060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.924072981 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.924082994 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:44.924118996 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:44.970876932 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.004430056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.004447937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.004461050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.004478931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.004506111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.004509926 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.004566908 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.004642963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.004653931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.004663944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.004676104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.004678965 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.004687071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.004710913 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.004740000 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.004925966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.004937887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.004946947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.004956961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.004968882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.004970074 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.004997969 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.005203009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.005214930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.005249977 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.005264997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.005281925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.005306005 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.005424023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.005434990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.005445957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.005455971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.005466938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.005469084 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.005495071 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.005513906 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.005666018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.005754948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.005765915 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.005775928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.005794048 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.005825996 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.005970955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.005981922 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.005994081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.006005049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.006014109 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.006016970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.006042004 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.006227016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.006238937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.006273985 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.006279945 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.006292105 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.006304979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.006315947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.006325960 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.006326914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.006345987 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.006364107 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.006618977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.006629944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.006642103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.006650925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.006660938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.006668091 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.006689072 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.006999016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.007009029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.007019043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.007029057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.007038116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.007040977 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.007049084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.007057905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.007069111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.007069111 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.007078886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.007087946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.007095098 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.007098913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.007113934 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.007133007 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.007555962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.007565975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.007575035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.007584095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.007595062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.007599115 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.007605076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.007615089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.007625103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.007627010 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.007635117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.007644892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.007644892 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.007657051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.007668018 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.007688046 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.008276939 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.008285999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.008296013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.008305073 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.008315086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.008315086 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.008322954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.008333921 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.008342981 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.008347988 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.008352041 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.008361101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.008371115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.008387089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.008390903 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.008395910 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.008398056 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.008407116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.008420944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.008421898 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.008440971 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.008460045 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.009135008 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.009145021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.009156942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.009166002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.009176970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.009176970 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.009187937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.009197950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.009206057 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.009208918 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.009219885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.009229898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.009241104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.009241104 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.009251118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.009260893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.009272099 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.009273052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.009283066 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.009294033 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.009294033 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.009318113 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.009334087 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.010063887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.010075092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.010086060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.010097980 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.010107040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.010107040 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.010113955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.010118961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.010123968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.010128975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.010134935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.010143042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.010149002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.010154963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.010164976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.010170937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.010174990 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.010219097 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.091245890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.091263056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.091274023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.091314077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.091324091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.091334105 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.091345072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.091383934 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.091418982 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.091559887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.091571093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.091581106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.091590881 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.091614962 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.091636896 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.091799021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.091814041 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.091823101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.091833115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.091842890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.091851950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.091861963 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.091861963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.091871977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.091878891 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.091882944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.091902971 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.091926098 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.092291117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.092300892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.092310905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.092320919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.092344046 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.092367887 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.092515945 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.092525959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.092536926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.092545986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.092572927 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.092590094 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.092653036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.092770100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.092780113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.092788935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.092799902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.092808962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.092813969 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.092818975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.092828035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.092839956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.092849970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.092860937 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.092885971 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.093381882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.093391895 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.093401909 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.093410015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.093419075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.093429089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.093437910 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.093445063 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.093447924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.093457937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.093466997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.093476057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.093482971 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.093487978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.093497992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.093507051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.093509912 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.093517065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.093521118 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.093527079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.093542099 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.093563080 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.094113111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.094124079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.094168901 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.094239950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.094249964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.094259024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.094269037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.094279051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.094289064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.094299078 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.094301939 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.094307899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.094317913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.094327927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.094341040 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.094351053 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.094373941 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.094959021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.094969034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.094980001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.094991922 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.095001936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.095011950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.095014095 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.095021963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.095031977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.095037937 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.095042944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.095052004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.095061064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.095063925 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.095072985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.095082045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.095084906 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.095092058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.095102072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.095103979 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.095110893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.095129013 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.095140934 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.095896006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.095907927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.095917940 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.095927000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.095937014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.095946074 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.095956087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.095959902 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.095967054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.095978022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.095983982 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.095988035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.095999002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.096008062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.096009970 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.096016884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.096025944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.096044064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.096045971 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.096055031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.096057892 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.096082926 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.096101046 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.096765041 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.096775055 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.096784115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.096793890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.096803904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.096811056 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.096813917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.096823931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.096833944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.096843958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.096843004 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.096854925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.096867085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.096869946 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.096877098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.096887112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.096888065 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.096895933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.096904993 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.096946955 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.177481890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.177525997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.177536964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.177608013 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.177613020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.177624941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.177664042 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.177723885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.177735090 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.177762985 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.177886963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.177897930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.177908897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.177927017 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.177930117 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.177939892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.177957058 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.177987099 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.178137064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.178148031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.178167105 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.178178072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.178188086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.178191900 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.178199053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.178209066 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.178210020 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.178231001 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.178567886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.178577900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.178589106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.178599119 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.178610086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.178611994 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.178621054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.178632021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.178653002 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.178692102 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.178874969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.178890944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.178941965 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.179034948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.179045916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.179055929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.179065943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.179078102 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.179084063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.179095030 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.179104090 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.179105997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.179116964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.179127932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.179137945 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.179138899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.179167986 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.179183960 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.179750919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.179761887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.179770947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.179781914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.179791927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.179801941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.179809093 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.179815054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.179826021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.179836035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.179836988 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.179847002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.179857016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.179857969 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.179867983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.179878950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.179889917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.179894924 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.179927111 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.180422068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.180433035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.180443048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.180453062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.180464029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.180473089 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.180474043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.180504084 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.180519104 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.180696964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.180707932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.180757999 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.180846930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.180855989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.180866003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.180875063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.180883884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.180888891 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.180895090 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.180902958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.180907011 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.180915117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.180923939 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.180933952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.180934906 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.180943966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.180953026 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.180957079 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.180963039 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.180974960 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.181001902 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.181799889 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.181809902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.181819916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.181828976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.181838036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.181839943 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.181848049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.181857109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.181862116 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.181868076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.181876898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.181881905 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.181888103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.181895971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.181905985 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.181905985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.181915998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.181921959 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.181926012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.181936026 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.181946993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.181951046 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.181983948 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.182529926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.182540894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.182576895 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.182678938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.182688951 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.182699919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.182709932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.182718992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.182718992 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.182729006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.182737112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.182738066 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.182746887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.182755947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.182765007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.182769060 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.182775974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.182785034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.182786942 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.182795048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.182805061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.182811022 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.182830095 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.183485031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.183495998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.183505058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.183515072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.183525085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.183535099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.183541059 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.183541059 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.183585882 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.264200926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.264219046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.264230013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.264308929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.264318943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.264323950 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.264357090 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.264434099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.264445066 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.264453888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.264463902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.264472961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.264475107 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.264489889 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.264535904 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.264715910 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.264725924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.264777899 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.264780045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.264796972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.264806986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.264816999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.264826059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.264832020 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.264836073 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.264848948 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.264882088 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.265146971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.265156984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.265166044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.265176058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.265202999 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.265221119 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.265391111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.265400887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.265410900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.265420914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.265430927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.265439987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.265444994 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.265465975 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.265480995 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.265777111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.265785933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.265794992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.265805006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.265814066 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.265815973 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.265824080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.265832901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.265842915 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.265856028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.265858889 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.265866995 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.265877008 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.265882969 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.265887022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.265908957 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.265928984 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.266448021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.266458035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.266463041 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.266465902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.266474962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.266479969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.266484976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.266494989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.266504049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.266514063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.266522884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.266526937 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.266532898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.266542912 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.266546965 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.266552925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.266557932 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.266563892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.266576052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.266576052 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.266597033 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.266618013 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.267206907 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.267218113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.267227888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.267236948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.267246962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.267256975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.267261982 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.267266035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.267286062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.267290115 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.267302036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.267313004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.267323971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.267328978 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.267335892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.267345905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.267349958 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.267355919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.267366886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.267370939 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.267390966 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.268166065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.268177986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.268188000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.268196106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.268205881 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.268209934 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.268215895 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.268224955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.268228054 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.268235922 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.268244982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.268254042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.268264055 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.268268108 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.268275023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.268277884 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.268284082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.268294096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.268296003 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.268305063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.268315077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.268318892 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.268337965 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.269090891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.269100904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.269109964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.269119024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.269129038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.269140005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.269148111 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.269150019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.269160032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.269169092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.269171000 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.269179106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.269187927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.269198895 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.269198895 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.269207954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.269212008 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.269220114 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.269229889 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.269233942 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.269239902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.269253969 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.269264936 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.269921064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.269932032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.269942045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.269953012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.269961119 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.269962072 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.269972086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.269982100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.269984007 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.269993067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.270001888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.270006895 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.270011902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.270020962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.270030975 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.270054102 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.270070076 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.351566076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.351598024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.351675034 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.351747990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.352118969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.352180004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.352190018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.352225065 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.352308035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.352317095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.352328062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.352344990 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.352495909 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.352509975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.352534056 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.352698088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.352722883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.352732897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.352746010 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.352771997 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.352842093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.352853060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.352861881 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.352885962 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.352940083 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.352997065 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.353437901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.353450060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.353497028 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.353584051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.353593111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.353602886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.353612900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.353625059 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.353625059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.353652954 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.353749037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.353758097 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.353769064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.353776932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.353794098 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.353810072 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.353846073 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.353879929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.353889942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.353920937 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.354049921 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.354059935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.354069948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.354088068 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.354201078 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.354212046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.354235888 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.354254961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.354264021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.354274988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.354280949 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.354285955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.354305983 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.354674101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.354682922 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.354691982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.354701042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.354712009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.354722023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.354732990 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.354732990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.354743004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.354753017 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.354763031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.354769945 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.354773045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.354783058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.354787111 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.354808092 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.355381966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.355391979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.355401993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.355412006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.355421066 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.355424881 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.355431080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.355447054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.355449915 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.355457067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.355467081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.355477095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.355487108 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.355489016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.355499983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.355509043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.355511904 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.355520010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.355526924 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.355530024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.355546951 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.355570078 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.356302977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.356312990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.356323004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.356332064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.356340885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.356350899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.356355906 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.356359959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.356369972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.356373072 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.356379986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.356388092 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.356389999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.356400013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.356404066 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.356410027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.356420040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.356432915 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.356442928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.356452942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.356456041 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.356477022 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.356493950 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.357228994 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.357240915 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.357250929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.357261896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.357271910 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.357280970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.357285976 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.357291937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.357301950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.357310057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.357316017 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.357320070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.357327938 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.357330084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.357340097 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.357351065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.357366085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.357367992 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.357371092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.357392073 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.358057022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.358067036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.358076096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.358086109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.358097076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.358107090 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.358117104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.358127117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.358129978 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.358136892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.358138084 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.358149052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.358156919 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.358170033 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.408360958 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.437498093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.437529087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.437542915 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.437588930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.437597990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.437635899 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.437689066 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.437726974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.437736988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.437747002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.437769890 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.437792063 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.437901974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.437911034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.437922001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.437937021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.437947035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.437952995 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.437957048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.437967062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.437988043 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.438007116 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.438332081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.438342094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.438350916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.438360929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.438371897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.438381910 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.438390970 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.438405037 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.438715935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.438726902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.438735962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.438745022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.438755989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.438766956 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.438775063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.438805103 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.439007998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.439019918 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.439029932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.439049959 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.439071894 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.439145088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.439155102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.439163923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.439174891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.439184904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.439192057 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.439193964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.439203978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.439213037 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.439213991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.439224005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.439229965 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.439233065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.439239025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.439254999 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.439266920 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.439819098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.439825058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.439834118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.439843893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.439866066 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.439903975 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.439945936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.439956903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.439965010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.439977884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.439985991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.439990997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.439995050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.440001011 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.440001011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.440006971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.440011978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.440016985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.440017939 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.440074921 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.440699100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.440710068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.440718889 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.440728903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.440737963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.440743923 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.440747023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.440757036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.440768003 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.440783024 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.440783978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.440794945 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.440804005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.440813065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.440820932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.440828085 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.440833092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.440844059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.440853119 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.440859079 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.440862894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.440875053 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.440896034 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.441752911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.441765070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.441772938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.441782951 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.441792965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.441802979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.441808939 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.441812038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.441822052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.441831112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.441840887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.441852093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.441859007 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.441860914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.441869974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.441879988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.441883087 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.441890955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.441900015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.441906929 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.441917896 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.441951036 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.442667007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.442677975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.442687035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.442697048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.442706108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.442714930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.442719936 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.442724943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.442734957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.442744017 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.442744970 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.442754030 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.442763090 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.442775011 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.442778111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.442785025 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.442786932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.442796946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.442806959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.442809105 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.442816019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.442830086 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.442847967 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.443425894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.443439007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.443448067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.443458080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.443468094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.443478107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.443481922 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.443486929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.443502903 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.443525076 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.523669004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.523701906 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.523711920 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.523772001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.523782015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.523787022 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.523792982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.523822069 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.523842096 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.523964882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.523974895 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.523984909 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.523996115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.524034023 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.524065971 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.524157047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.524167061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.524177074 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.524188042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.524209976 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.524230003 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.524415970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.524425030 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.524430037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.524437904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.524447918 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.524457932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.524465084 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.524492979 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.524723053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.524733067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.524743080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.524751902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.524763107 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.524764061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.524774075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.524785995 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.524806023 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.525064945 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.525074959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.525091887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.525103092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.525110960 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.525111914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.525122881 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.525130033 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.525134087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.525139093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.525147915 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.525158882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.525161028 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.525171041 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.525207996 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.525628090 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.525639057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.525649071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.525657892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.525665998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.525671005 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.525685072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.525691986 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.525695086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.525702953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.525710106 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.525712967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.525722027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.525732040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.525743961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.525748968 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.525753021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.525773048 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.525793076 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.526432037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.526443958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.526453018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.526463032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.526473045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.526477098 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.526483059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.526492119 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.526501894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.526508093 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.526530981 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.526856899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.526868105 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.526876926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.526886940 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.526901960 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.526905060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.526915073 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.526918888 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.526926994 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.526936054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.526946068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.526954889 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.526962042 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.526966095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.526974916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.526985884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.526989937 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.526997089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.527007103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.527010918 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.527015924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.527025938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.527028084 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.527050972 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.527808905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.527827978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.527837038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.527847052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.527852058 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.527856112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.527865887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.527873993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.527879000 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.527884007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.527893066 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.527903080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.527911901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.527914047 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.527921915 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.527925968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.527930975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.527935028 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.527935028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.527940989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.527946949 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.528012991 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.528804064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.528817892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.528827906 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.528836966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.528846025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.528851986 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.528855085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.528865099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.528871059 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.528875113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.528884888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.528893948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.528898001 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.528903961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.528913975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.528923035 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.528924942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.528934956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.528943062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.528948069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.528955936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.528955936 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.528978109 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.529515028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.529560089 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.544538021 CEST44349717104.19.208.152192.168.2.8
                                                  Jul 22, 2024 12:50:45.544624090 CEST49717443192.168.2.8104.19.208.152
                                                  Jul 22, 2024 12:50:45.566499949 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.566539049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.566550016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.566589117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.566632986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.566633940 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.566643953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.566767931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.566798925 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.566798925 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.610169888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.610212088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.610222101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.610230923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.610240936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.610285997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.610357046 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.610357046 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.610357046 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.610373020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.610384941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.610394001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.610403061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.610416889 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.610444069 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.610563993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.610605001 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.610640049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.610650063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.610660076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.610668898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.610677958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.610682011 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.610713959 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.610898972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.610914946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.610925913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.610935926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.610939026 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.610944033 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.610954046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.610968113 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.610997915 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.611252069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.611263037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.611273050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.611280918 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.611290932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.611296892 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.611315012 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.611332893 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.611498117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.611506939 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.611516953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.611526012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.611535072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.611546040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.611561060 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.611588001 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.611596107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.611604929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.611613989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.611623049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.611633062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.611639023 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.611643076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.611653090 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.611655951 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.611671925 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.612302065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.612314939 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.612324953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.612334013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.612344027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.612349033 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.612353086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.612361908 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.612374067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.612380981 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.612384081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.612396002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.612401962 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.612406015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.612418890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.612423897 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.612442017 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.612991095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613003016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613013029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613023996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613032103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613035917 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.613042116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613051891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613061905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613066912 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.613073111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613081932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613086939 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.613092899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613101959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613109112 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.613111973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613121986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613128901 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.613137007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613161087 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.613183022 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.613662004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613812923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613822937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613831997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613842010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613851070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613853931 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.613862038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613871098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613883018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613887072 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.613890886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613902092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613905907 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.613912106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613924026 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613928080 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.613934040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613944054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613946915 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.613953114 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613964081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.613967896 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.613985062 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.614729881 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.614742994 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.614752054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.614762068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.614773035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.614777088 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.614783049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.614793062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.614803076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.614809036 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.614811897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.614823103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.614825964 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.614833117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.614841938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.614847898 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.614851952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.614861965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.614866972 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.614871025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.614881992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.614886045 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.614892006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.614923954 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.614950895 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.615539074 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.615551949 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.615561962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.615572929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.615581989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.615592003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.615597010 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.615602016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.615612030 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.615622044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.615622997 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.615633011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.615645885 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.615667105 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.652853966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.652894974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.652905941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.652915001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.652982950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.652993917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.653057098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.653069019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.653088093 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.653088093 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.653120041 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.696738958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.696773052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.696785927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.696819067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.696880102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.696974993 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.696974993 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.697103977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.697144985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.697153091 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.697155952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.697190046 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.697304964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.697315931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.697328091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.697338104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.697372913 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.697561979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.697578907 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.697587967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.697597027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.697607040 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.697607994 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.697618961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.697629929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.697659969 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.697691917 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.697930098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.697977066 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.698045015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.698055983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.698065042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.698076010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.698087931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.698095083 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.698098898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.698110104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.698121071 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.698142052 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.698575020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.698584080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.698589087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.698595047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.698600054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.698609114 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.698620081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.698630095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.698640108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.698646069 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.698651075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.698662043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.698669910 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.698673010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.698683977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.698693037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.698693991 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.698704004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.698736906 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.699481964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.699491978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.699501991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.699512005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.699523926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.699527979 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.699538946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.699542999 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.699549913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.699559927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.699570894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.699580908 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.699584007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.699596882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.699618101 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.699640989 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.699974060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.699984074 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.699994087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.700004101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.700014114 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.700021029 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.700023890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.700035095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.700041056 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.700043917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.700057030 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.700062990 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.700067997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.700078011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.700083017 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.700088024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.700093985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.700102091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.700105906 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.700120926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.700129986 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.700172901 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.700997114 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.701008081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.701019049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.701028109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.701036930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.701047897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.701055050 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.701060057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.701070070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.701077938 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.701078892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.701088905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.701098919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.701102018 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.701107979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.701117039 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.701118946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.701132059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.701142073 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.701142073 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.701150894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.701150894 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.701176882 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.701195002 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.702198029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.702208996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.702218056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.702227116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.702238083 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.702246904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.702258110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.702261925 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.702270031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.702279091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.702286959 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.702287912 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.702297926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.702308893 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.702310085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.702320099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.702332020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.702333927 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.702341080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.702351093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.702356100 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.702387094 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.703087091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.703098059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.703107119 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.703130960 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.739800930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.739831924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.739842892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.739917994 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.739928961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.739939928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.739952087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.740005970 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.740006924 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.740006924 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.740098000 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.783790112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.783813000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.783823013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.783886909 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.783919096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.783978939 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.784064054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.784074068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.784080029 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.784085989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.784096956 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.784120083 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.784297943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.784307957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.784320116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.784329891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.784339905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.784349918 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.784353971 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.784360886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.784382105 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.784647942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.784693003 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.784773111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.784782887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.784792900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.784802914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.784813881 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.784822941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.784826040 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.784833908 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.784852028 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.785275936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.785285950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.785295963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.785305977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.785315990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.785320997 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.785326004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.785335064 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.785336018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.785346031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.785356998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.785362959 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.785367012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.785378933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.785391092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.785401106 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.785430908 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.786009073 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.786019087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.786029100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.786037922 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.786047935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.786051989 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.786057949 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.786068916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.786077976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.786082983 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.786088943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.786098957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.786108971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.786112070 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.786118984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.786128998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.786134005 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.786139965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.786150932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.786151886 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.786163092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.786165953 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.786207914 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.786926985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.786937952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.786947966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.786957979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.786967039 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.786973953 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.786978006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.786986113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.786995888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.787007093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.787010908 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.787017107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.787026882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.787035942 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.787036896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.787048101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.787053108 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.787058115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.787070036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.787071943 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.787081003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.787086010 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.787098885 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.787834883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.787847042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.787858963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.787868977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.787878036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.787880898 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.787889004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.787899971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.787904024 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.787909985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.787918091 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.787921906 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.787931919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.787933111 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.787942886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.787951946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.787961006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.787961006 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.787971973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.787980080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.787983894 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.787992001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.788000107 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.788002968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.788014889 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.788048983 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.788568974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.788707972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.788717985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.788733006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.788743019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.788748026 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.788752079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.788763046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.788773060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.788774967 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.788784027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.788791895 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.788794994 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.788805008 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.788809061 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.788816929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.788826942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.788836956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.788837910 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.788846970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.788860083 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.788875103 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.789511919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.789522886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.789531946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.789541960 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.789571047 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.789589882 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.825915098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.825934887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.825946093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.826001883 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.826037884 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.826078892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.826090097 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.826100111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.826111078 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.826122046 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.826154947 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.870642900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.870692015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.870703936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.870759010 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.870810032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.870820999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.870831966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.870842934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.870851994 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.870910883 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.871026993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.871040106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.871051073 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.871076107 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.871097088 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.871269941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.871283054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.871294975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.871304989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.871318102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.871320963 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.871330023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.871340990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.871346951 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.871354103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.871367931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.871373892 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.871395111 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.871892929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.871905088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.871915102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.871926069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.871942997 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.871942997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.871949911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.871954918 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.871959925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.871964931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.871970892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.871972084 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.871975899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.871977091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.871978998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.871989965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.871994972 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.872003078 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.872018099 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.872035980 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.872781038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.872792006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.872802973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.872813940 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.872826099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.872833014 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.872838020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.872848988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.872850895 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.872863054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.872874022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.872879028 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.872884035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.872895956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.872899055 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.872906923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.872917891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.872920990 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.872940063 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.873446941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.873457909 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.873469114 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.873487949 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.873497963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.873501062 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.873508930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.873519897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.873528004 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.873531103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.873542070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.873552084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.873559952 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.873563051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.873568058 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.873577118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.873588085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.873599052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.873605013 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.873613119 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.873621941 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.873661041 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.874444962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.874459028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.874469995 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.874480963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.874491930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.874502897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.874507904 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.874514103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.874526024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.874536037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.874536991 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.874548912 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.874560118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.874562979 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.874572039 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.874577999 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.874583006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.874593973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.874603033 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.874614000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.874619007 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.874624968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.874648094 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.875278950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.875289917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.875302076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.875312090 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.875328064 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.875330925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.875341892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.875353098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.875355959 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.875364065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.875375986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.875379086 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.875386953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.875397921 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.875399113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.875412941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.875422955 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.875422955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.875437021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.875442028 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.875447989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.875469923 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.875499010 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.876158953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.876172066 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.876183033 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.876193047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.876203060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.876211882 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.876216888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.876229048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.876239061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:45.876239061 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.876260042 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:45.876282930 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.111043930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.111061096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.111118078 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.111162901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.111175060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.111181021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.111212969 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.111337900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.111351013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.111361980 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.111398935 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.111515999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.111526966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.111537933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.111552000 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.111582994 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.111701965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.111712933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.111723900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.111737967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.111747980 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.111812115 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.111828089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.112009048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.112020016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.112051964 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.112138033 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.112152100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.112164021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.112174988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.112180948 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.112186909 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.112210035 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.112242937 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.112530947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.112544060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.112584114 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.112664938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.112678051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.112689972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.112701893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.112713099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.112718105 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.112724066 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.112731934 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.112761974 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.112809896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.112822056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.112832069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.112843990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.112854958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.112864971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.112879038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.112883091 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.112900019 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.113632917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.113646030 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.113656998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.113667965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.113679886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.113691092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.113693953 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.113703012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.113713980 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.113729000 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.113748074 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.113775015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.113786936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.113797903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.113816023 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.113831997 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.113955021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.113965988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.113972902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.113982916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.114006996 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.114029884 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.114620924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.114633083 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.114679098 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.114765882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.114778996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.114789009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.114800930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.114810944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.114814997 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.114830017 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.114912987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.114923954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.114933968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.114944935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.114952087 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.114955902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.114967108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.114970922 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.114979982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.114990950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.114998102 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.115004063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.115022898 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.115039110 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.115703106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.115715981 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.115726948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.115737915 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.115748882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.115752935 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.115761042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.115773916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.115784883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.115787029 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.115803957 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.115822077 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.115838051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.115852118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.115861893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.115875006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.115885973 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.115902901 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.116025925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.116039038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.116050005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.116060019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.116080999 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.116106987 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.116687059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.116700888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.116714001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.116725922 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.116735935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.116738081 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.116746902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.116756916 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.116759062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.116782904 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.116838932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.116849899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.116861105 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.116873026 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.116877079 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.116883039 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.116890907 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.116894960 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.116905928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.116916895 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.116919994 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.116929054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.116940022 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.116975069 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.117322922 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.117335081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.117346048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.117356062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.117367029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.117372036 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.117378950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.117392063 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.117392063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.117405891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.117415905 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.117417097 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.117427111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.117434978 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.117439032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.117451906 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.117476940 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.117497921 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.117655039 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.117666006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.117677927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.117705107 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.117841005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.117851973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.117907047 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.118504047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.118518114 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.118531942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.118545055 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.118546009 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.118551016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.118557930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.118562937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.118568897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.118613958 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.118643999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.118659019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.118673086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.118684053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.118683100 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.118706942 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.118818045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.118829966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.118839979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.118848085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.118856907 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.118872881 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.119491100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.119504929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.119514942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.119541883 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.119569063 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.119642973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.119654894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.119666100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.119678020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.119683027 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.119690895 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.119702101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.119713068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.119713068 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.119724035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.119735003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.119745970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.119750977 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.119776964 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.119780064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.119791985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.119803905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.119818926 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.119957924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.119971037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.119986057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.119997978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.119999886 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.120009899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.120021105 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.120023966 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.120032072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.120059013 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.120070934 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.120605946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.120616913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.120646954 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.120788097 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.120798111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.120806932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.120816946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.120826006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.120827913 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.120836020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.120845079 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.120845079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.120856047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.120862961 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.120865107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.120873928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.120882988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.120882988 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.120893002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.120899916 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.120903969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.120913029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.120919943 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.120923042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.120937109 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.120959997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.120961905 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.120970011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.120980024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.120995045 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.121093035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.121128082 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.121586084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.121597052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.121606112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.121614933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.121627092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.121637106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.121635914 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.121646881 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.121659994 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.121678114 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.121731043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.121741056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.121751070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.121764898 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.121778965 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.121917009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.121928930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.121934891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.122005939 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.122093916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.122103930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.122113943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.122123957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.122133017 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.122137070 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.122155905 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.122170925 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.122296095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.122306108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.122315884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.122325897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.122334003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.122335911 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.122344971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.122355938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.122359037 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.122365952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.122375965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.122379065 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.122385979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.122395039 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.122395992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.122406006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.122416973 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.122447968 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.123087883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.123100042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.123109102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.123119116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.123127937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.123133898 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.123137951 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.123147011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.123157024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.123161077 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.123167038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.123177052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.123178959 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.123199940 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.123214006 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.123217106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.123229027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.123236895 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.123246908 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.123261929 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.123284101 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.123410940 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.123420954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.123430967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.123440981 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.123450041 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.123450041 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.123475075 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.131885052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.131897926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.131968021 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.132009029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.132019043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.132029057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.132038116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.132051945 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.132077932 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.132185936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.132196903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.132205963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.132217884 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.132257938 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.132366896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.132375956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.132386923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.132400036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.132424116 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.132446051 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.132550955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.132560968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.132570028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.132579088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.132590055 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.132601976 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.132633924 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.132880926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.132891893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.132900953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.132910967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.132927895 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.132947922 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.133004904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.133049011 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.133189917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.133199930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.133275032 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.133348942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.133361101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.133369923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.133380890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.133395910 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.133405924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.133414984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.133425951 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.133430004 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.133436918 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.133450985 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.133469105 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.133989096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.134000063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.134042025 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.134182930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.134192944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.134201050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.134210110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.134218931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.134226084 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.134229898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.134238958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.134244919 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.134249926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.134259939 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.134269953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.134270906 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.134279966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.134284973 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.134325027 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.134802103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.134812117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.134824038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.134834051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.134865046 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.134886026 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.134973049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.134984970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.134994984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.135004997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.135013103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.135018110 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.135036945 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.135176897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.135188103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.135196924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.135206938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.135216951 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.135220051 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.135227919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.135236979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.135245085 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.135246992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.135262012 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.135278940 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.136032104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.136043072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.136053085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.136122942 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.136188984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.136199951 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.136209011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.136219025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.136229038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.136239052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.136249065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.136250973 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.136259079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.136269093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.136275053 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.136279106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.136295080 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.136296988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.136306047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.136317015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.136327028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.136331081 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.136364937 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.136995077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.137007952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.137016058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.137026072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.137036085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.137047052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.137048006 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.137057066 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.137065887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.137069941 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.137075901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.137084961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.137089014 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.137095928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.137109041 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.137130976 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.137134075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.137145996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.137156010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.137166023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.137165070 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.137203932 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.137315989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.137362957 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.137495041 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.137506962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.137547970 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.137665033 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.137676954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.137686014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.137696028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.137712955 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.137732983 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.173063040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.173078060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.173152924 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.173186064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.173197985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.173207998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.173249960 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.173362970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.173374891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.173408985 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.218987942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.219003916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.219014883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.219065905 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.219091892 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.219121933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.219132900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.219144106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.219167948 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.219439030 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.219448090 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.219485998 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.219510078 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.219521046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.219552994 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.219741106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.219753027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.219762087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.219772100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.219782114 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.219785929 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.219810009 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.219822884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.219831944 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.219835997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.219846010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.219873905 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.220134974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.220185995 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.220247030 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.220257044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.220267057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.220276117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.220283985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.220293999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.220303059 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.220304966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.220330954 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.220416069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.220427990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.220436096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.220446110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.220454931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.220459938 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.220498085 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.221020937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.221035004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.221045017 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.221055031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.221091032 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.221159935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.221170902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.221179962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.221224070 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.221230984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.221250057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.221257925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.221268892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.221277952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.221277952 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.221301079 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.221322060 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.221788883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.221800089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.221812010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.221821070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.221832037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.221838951 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.221862078 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.221924067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.221965075 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.222127914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.222140074 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.222143888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.222152948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.222162962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.222174883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.222186089 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.222218037 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.222282887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.222294092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.222305059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.222313881 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.222337961 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.222369909 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.223227978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.223238945 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.223248959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.223258972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.223267078 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.223277092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.223283052 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.223285913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.223311901 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.223362923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.223375082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.223385096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.223390102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.223401070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.223406076 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.223417044 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.223448992 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.223560095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.223571062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.223581076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.223589897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.223598957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.223618031 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.223645926 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.223885059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.223896980 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.223906994 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.223917007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.223927021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.223929882 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.223937035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.223947048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.223951101 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.223970890 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.223992109 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.224021912 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.224033117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.224042892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.224054098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.224069118 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.224088907 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.224201918 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.224212885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.224217892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.224225998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.224236012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.224245071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.224261045 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.224277020 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.224724054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.224735022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.224742889 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.224752903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.224757910 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.224767923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.224773884 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.224777937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.224788904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.224793911 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.224797010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.224807978 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.224834919 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.259542942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.259624958 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.259645939 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.261770010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.261780977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.261791945 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.261801958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.261918068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.261929035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.261940956 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.261940956 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.261976957 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.305344105 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.305361986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.305372953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.305401087 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.305433035 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.305635929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.305645943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.305655956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.305682898 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.305779934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.305820942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.305861950 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.306049109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.306060076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.306068897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.306075096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.306090117 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.306123018 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.306210995 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.306221008 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.306231022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.306240082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.306250095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.306253910 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.306260109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.306271076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.306277037 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.306299925 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.306499958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.306690931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.306701899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.306706905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.306715965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.306725979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.306735039 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.306742907 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.306745052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.306777000 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.306829929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.306840897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.306849957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.306860924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.306869030 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.306870937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.306890011 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.306972980 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.306982994 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.307007074 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.307642937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.307652950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.307696104 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.307806015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.307816982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.307825089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.307849884 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.307868004 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.307986021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.307998896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.308005095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.308010101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.308028936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.308032990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.308037996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.308042049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.308062077 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.308084011 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.308094025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.308105946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.308150053 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.308286905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.308298111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.308303118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.308307886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.308314085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.308319092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.308429003 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.309204102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.309216976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.309226036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.309231043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.309240103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.309250116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.309254885 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.309259892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.309269905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.309278965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.309281111 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.309288979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.309298992 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.309300900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.309312105 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.309322119 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.309322119 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.309333086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.309340954 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.309377909 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.309438944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.309452057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.309457064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.309485912 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.310209036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.310220957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.310233116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.310244083 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.310251951 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.310256004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.310267925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.310285091 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.310312986 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.310369968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.310380936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.310388088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.310412884 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.310431957 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.310494900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.310507059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.310519934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.310530901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.310542107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.310553074 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.310559034 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.310565948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.310597897 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.310678959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.310689926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.310700893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.310703993 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.310713053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.310717106 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.310724974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.310735941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.310740948 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.310748100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.310775042 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.310785055 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.310794115 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.310796022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.310807943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.310818911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.310830116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.310832024 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.310841084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.310853004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.310853958 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.310883999 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.347125053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.347196102 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.347253084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.347265005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.347305059 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.347695112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.347704887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.347716093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.347726107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.347749949 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.347775936 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.391940117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.391985893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.391999006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.392062902 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.392272949 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.392323017 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.392431021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.392442942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.392448902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.392458916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.392502069 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.392522097 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.392582893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.392595053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.392607927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.392631054 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.392848969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.392858982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.392868042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.392894030 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.392925024 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.393011093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.393022060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.393032074 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.393042088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.393052101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.393059969 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.393060923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.393070936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.393089056 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.393115044 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.393428087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.393438101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.393444061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.393452883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.393464088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.393480062 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.393506050 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.393609047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.393620014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.393625021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.393631935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.393659115 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.393678904 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.393951893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.393963099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.393969059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.393978119 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.393989086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.394000053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.394006014 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.394042015 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.394105911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.394117117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.394125938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.394135952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.394145012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.394155025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.394165993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.394167900 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.394176006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.394191980 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.394216061 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.394227028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.394238949 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.394287109 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.395112991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.395126104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.395174980 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.395292997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.395304918 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.395313978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.395323992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.395333052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.395340919 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.395343065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.395353079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.395363092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.395369053 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.395373106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.395382881 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.395391941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.395394087 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.395402908 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.395406961 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.395412922 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.395423889 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.395428896 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.395450115 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.395473003 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.396002054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.396013975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.396023989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.396033049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.396044016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.396054029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.396064043 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.396064997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.396131992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.396143913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.396152973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.396157980 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.396166086 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.396166086 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.396168947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.396179914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.396188021 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.396220922 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.397008896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.397018909 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.397031069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.397041082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.397052050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.397090912 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.397090912 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.397123098 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.397129059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.397316933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.397329092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.397339106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.397349119 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.397360086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.397362947 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.397370100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.397381067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.397392035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.397401094 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.397402048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.397412062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.397419930 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.397423029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.397443056 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.397461891 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.397815943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.397826910 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.397871017 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.397994995 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.398008108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.398017883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.398029089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.398049116 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.398068905 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.398138046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.398149014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.398154020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.398159981 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.398173094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.398194075 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.436084032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.436161995 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.436214924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.436228991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.436271906 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.436392069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.436403990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.436414957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.436438084 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.436530113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.436573982 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.479439020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.479456902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.479468107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.479535103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.479540110 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.479579926 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.479636908 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.479648113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.479659081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.479685068 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.479788065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.479800940 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.479829073 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.479945898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.479964018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.480000019 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.480103016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.480143070 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.480271101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.480282068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.480290890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.480302095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.480309010 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.480340004 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.480438948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.480449915 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.480460882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.480472088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.480479002 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.480496883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.480515003 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.480633020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.480643988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.480650902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.480660915 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.480671883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.480679035 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.480684996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.480709076 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.480895996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.480906963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.480917931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.480940104 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.480968952 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.481036901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.481224060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.481234074 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.481244087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.481255054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.481260061 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.481265068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.481275082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.481283903 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.481311083 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.481703043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.481714010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.481724024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.481734991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.481739044 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.481745958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.481755972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.481766939 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.481770992 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.481776953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.481798887 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.481838942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.481848955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.481873989 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.482048035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.482059956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.482069969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.482079029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.482084990 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.482094049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.482115984 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.482144117 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.482800007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.482810020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.482820034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.482829094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.482840061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.482848883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.482851028 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.482877016 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.482896090 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.483122110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.483133078 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.483143091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.483153105 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.483160019 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.483163118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.483174086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.483190060 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.483280897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.483293056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.483294964 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.483304024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.483314991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.483321905 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.483345032 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.483355999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.483366966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.483376980 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.483386993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.483397007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.483407974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.483412027 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.483442068 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.484277010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.484287024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.484297037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.484308958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.484318018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.484328985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.484332085 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.484338045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.484344006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.484358072 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.484380960 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.484431028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.484441996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.484452009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.484462023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.484467030 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.484472036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.484494925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.484504938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.484508991 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.484512091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.484539032 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.484559059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.484570026 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.484611034 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.485182047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.485192060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.485202074 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.485213995 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.485229969 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.485249996 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.485323906 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.485333920 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.485343933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.485354900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.485364914 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.485383034 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.485486031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.485496998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.485541105 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.523201942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.523211956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.523360014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.523370028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.523379087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.523422003 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.523422003 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.523519993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.523530006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.523557901 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.564776897 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.566834927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.566853046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.566863060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.566874027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.566884041 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.566893101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.566899061 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.566901922 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.566915989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.566926956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.566936016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.566941023 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.566946030 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.566956043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.566965103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.566967964 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.566973925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.566982985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.566984892 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.567012072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567013025 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.567022085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567030907 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567039967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567049026 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567054033 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.567059040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567068100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567078114 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567086935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567090034 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.567097902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567109108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567120075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567126989 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.567130089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567141056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567150116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567157984 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.567159891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567169905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567187071 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.567213058 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.567357063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567367077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567372084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567382097 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567392111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567397118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567405939 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567409039 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.567414999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567424059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567433119 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.567435026 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567445040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567449093 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.567455053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567464113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567468882 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.567472935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567482948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567492008 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.567496061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567514896 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.567538023 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.567770958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567787886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567796946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567806005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567810059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567819118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567822933 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.567827940 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567837000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567842960 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.567847967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567857027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567863941 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.567867041 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567877054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567888021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567897081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567898989 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.567905903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567915916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567924976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567926884 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.567934036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.567950010 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.567975998 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.568655014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.568665981 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.568675041 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.568685055 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.568695068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.568705082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.568713903 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.568716049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.568726063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.568732023 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.568751097 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.568767071 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.568824053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.568835020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.568844080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.568852901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.568862915 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.568866014 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.568873882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.568882942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.568892956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.568897963 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.568902016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.568916082 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.568943024 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.569694996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.569705963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.569715023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.569730997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.569740057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.569742918 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.569750071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.569757938 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.569761992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.569772959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.569781065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.569785118 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.569793940 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.569801092 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.569803953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.569814920 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.569823980 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.569824934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.569834948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.569844961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.569854975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.569859982 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.569885015 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.570599079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.570611000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.570655107 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.625323057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.625343084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.625354052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.625492096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.625502110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.625510931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.625523090 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.625534058 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.625557899 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.625684977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.651581049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.651654005 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.651719093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.651730061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.651772022 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.651793957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.651803970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.651813984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.651823044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.651835918 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.651866913 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.651937008 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.651947975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.651958942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.651984930 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.652053118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.652100086 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.652172089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.652182102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.652190924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.652200937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.652209997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.652220011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.652225018 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.652230024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.652239084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.652261019 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.652277946 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.652566910 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.652576923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.652585983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.652615070 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.652748108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.652757883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.652766943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.652797937 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.652825117 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.652892113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.652901888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.652910948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.652920008 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.652930975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.652940035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.652944088 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.652949095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.652959108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.652967930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.652976990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.652981043 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.652987957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.652997971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.653002977 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.653007984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.653027058 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.653044939 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.653779984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.653789997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.653799057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.653809071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.653819084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.653822899 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.653830051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.653837919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.653842926 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.653855085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.653863907 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.653871059 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.653875113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.653883934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.653889894 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.653892994 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.653903008 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.653904915 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.653912067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.653922081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.653932095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.653934956 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.653942108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.653976917 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.655359983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.655371904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.655381918 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.655391932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.655409098 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.655432940 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.655603886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.655616045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.655648947 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.655783892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.655977964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.655988932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.655997992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656025887 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.656054974 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.656177998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656188011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656198025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656208038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656218052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656225920 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.656228065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656250954 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.656266928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656276941 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.656277895 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656286001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656296015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656306028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656308889 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.656316042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656326056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656335115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656337023 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.656344891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656357050 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.656385899 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.656443119 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656454086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656459093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656465054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656474113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656488895 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.656510115 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.656512976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656522989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656533003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656574011 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.656637907 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656650066 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656660080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656670094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656673908 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.656680107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656691074 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656701088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656704903 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.656716108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656724930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656734943 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.656735897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656745911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656754971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656764984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656768084 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.656775951 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.656804085 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.705265045 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.712167978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.712186098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.712198973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.712256908 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.713303089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.713315010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.713327885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.713340044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.713361979 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.713381052 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.742178917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.742275953 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.742311001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.742322922 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.742363930 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.742554903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.742567062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.742577076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.742597103 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.743004084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.743045092 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.743083954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.743094921 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.743104935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.743114948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.743127108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.743129015 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.743159056 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.743530989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.743541956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.743552923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.743566990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.743573904 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.743592024 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.743669033 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.743679047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.743689060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.743697882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.743706942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.743710995 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.743717909 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.743729115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.743737936 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.743738890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.743750095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.743760109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.743762970 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.743772030 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.743782997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.743783951 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.743793964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.743808985 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.743843079 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.744411945 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.744422913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.744431973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.744442940 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.744452953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.744457960 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.744513035 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.744534969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.744545937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.744555950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.744566917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.744575977 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.744576931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.744587898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.744597912 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.744601011 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.744609118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.744618893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.744626045 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.744628906 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.744638920 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.744673014 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.745253086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745264053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745274067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745285034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745295048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745296955 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.745306969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745318890 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.745342970 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.745414019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745424986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745435953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745455027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745491028 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.745595932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745606899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745615959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745626926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745637894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745639086 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.745651960 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745656967 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.745661974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745672941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745685101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745696068 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.745732069 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.745760918 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745771885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745780945 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745791912 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745796919 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.745800972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745810032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745817900 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.745820999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745834112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745845079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745850086 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.745857000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745867014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745877028 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.745877981 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745888948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745894909 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.745898962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745909929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.745915890 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.745934963 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.746675968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.746690989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.746701002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.746710062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.746721029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.746725082 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.746731997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.746742010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.746751070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.746752977 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.746757030 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.746767998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.746769905 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.746778011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.746783972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.746788979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.746793985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.746795893 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.746798992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.746804953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.746809959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.746850014 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.747805119 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.747818947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.747829914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.747853041 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.747869968 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.747941017 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.747951984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.747960091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.747992039 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.799103975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.799118996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.799129963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.799141884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.799171925 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.799190998 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.799233913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.799452066 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.799463034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.799494028 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.827054977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.827120066 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.827218056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.827229977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.827240944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.827251911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.827279091 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.827300072 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.827362061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.827373028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.827382088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.827392101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.827415943 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.827436924 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.827527046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.827538967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.827543974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.827553988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.827584982 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.827605963 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.827694893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.829940081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.829982996 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.830131054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.830142021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.830195904 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.830285072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.830296040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.830301046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.830312014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.830334902 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.830349922 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.830459118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.830476046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.830486059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.830496073 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.830507040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.830509901 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.830530882 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.830646038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.830657959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.830681086 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.831141949 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.831151962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.831157923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.831166983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.831176996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.831187010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.831191063 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.831197977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.831207037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.831208944 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.831218958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.831224918 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.831229925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.831243992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.831259012 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.831285954 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.831608057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.831619024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.831629038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.831639051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.831653118 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.831676960 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.831780910 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.831790924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.831800938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.831811905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.831821918 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.831831932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.831832886 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.831842899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.831845999 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.831862926 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.832204103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.832216024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.832226038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.832236052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.832241058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.832248926 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.832252026 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.832267046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.832273006 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.832318068 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.832777023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.832788944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.832798958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.832808971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.832818031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.832823038 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.832828999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.832839012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.832840919 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.832861900 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.832948923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.832990885 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.833061934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.833071947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.833081961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.833091974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.833101988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.833103895 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.833112955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.833122969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.833127975 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.833132982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.833152056 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.833163023 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.833935976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.833946943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.833956003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.833966017 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.833976030 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.833981037 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.834000111 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.834105015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.834116936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.834126949 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.834136963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.834142923 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.834147930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.834157944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.834167957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.834172010 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.834197044 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.834211111 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.834244013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.834254980 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.834264994 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.834275007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.834285021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.834289074 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.834309101 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.834676981 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.834727049 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.834837914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.834850073 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.834860086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.834870100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.834882975 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.834913015 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.834975958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.834986925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.834996939 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.835006952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.835016966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.835021973 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.835027933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.835036039 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.835037947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.835071087 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.840861082 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.840967894 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.886645079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.886662960 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.886674881 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.886718035 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.886780977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.886791945 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.886801958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.886812925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.886816978 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.886851072 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.913570881 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.913718939 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.913732052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.913743973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.913754940 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.913765907 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.913769007 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.913777113 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.913813114 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.913827896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.913850069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.913872957 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.914001942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.914016008 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.914026976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.914057970 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.914078951 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.914136887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.914150000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.914161921 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.914184093 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.916290998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.916302919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.916347980 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.916464090 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.916476011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.916512966 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.916611910 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.916623116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.916635036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.916657925 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.916676044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.916681051 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.916811943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.916824102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.916835070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.916846037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.916853905 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.916858912 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.916868925 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.916902065 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.917423010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.917434931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.917447090 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.917459011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.917467117 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.917470932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.917483091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.917490959 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.917495012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.917501926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.917522907 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.917529106 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.917557955 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.917824984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.917870045 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.918005943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.918016911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.918056011 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.918175936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.918186903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.918198109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.918209076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.918220043 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.918220043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.918226004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.918236971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.918247938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.918262005 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.918297052 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.918615103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.918626070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.918637991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.918648958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.918659925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.918663979 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.918669939 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.918680906 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.918683052 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.918693066 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.918699026 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.918704987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.918715954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.918729067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.918737888 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.918771029 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.919298887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.919310093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.919321060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.919331074 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.919343948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.919347048 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.919363022 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.919389009 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.919600964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.919611931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.919622898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.919636965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.919646025 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.919678926 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.919779062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.919790983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.919800997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.919812918 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.919822931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.919821024 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.919836044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.919842005 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.919850111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.919861078 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.919872999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.919888973 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.919912100 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.920010090 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.920022964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.920032978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.920044899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.920057058 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.920075893 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.920783043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.920794964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.920804024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.920814037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.920831919 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.920856953 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.920943975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.920953989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.920964003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.920974016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.920983076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.920989037 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.920996904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.921008110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.921016932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.921020031 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.921026945 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.921036959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.921044111 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.921046972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.921056986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.921065092 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.921066046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.921088934 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.921108007 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.921436071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.921447039 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.921456099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.921464920 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.921479940 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.921504974 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.921622038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.921797037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.921807051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.921816111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.921839952 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.921866894 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.973819971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.973946095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.973997116 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.974097967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.978387117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.978398085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.978441954 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:46.978451967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.978462934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:46.978487015 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.000420094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.000430107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.000441074 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.000495911 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.000741959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.000751019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.000761032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.000770092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.000778913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.000787973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.000801086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.000809908 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.000816107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.000824928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.000834942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.000878096 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.000878096 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.000878096 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.000878096 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.002943039 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.002953053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.002964020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.002974987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.002995014 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.003020048 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.003088951 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.003099918 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.003109932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.003125906 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.003156900 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.003598928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.003609896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.003650904 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.003752947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.003762007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.003771067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.003787041 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.003797054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.003813982 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.003839970 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.004101038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.004112005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.004117012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.004126072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.004136086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.004144907 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.004151106 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.004154921 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.004168034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.004170895 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.004209042 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.004467964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.004478931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.004501104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.004508972 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.004511118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.004534006 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.004764080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.004774094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.004806995 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.004848957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.004889965 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.004996061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.005006075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.005014896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.005023956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.005033970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.005038977 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.005043983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.005053997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.005064011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.005065918 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.005074024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.005080938 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.005084991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.005095959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.005100012 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.005127907 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.005575895 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.005584955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.005630016 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.005752087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.005763054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.005768061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.005839109 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.005882978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.005893946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.005904913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.005914927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.005923986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.005927086 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.005934954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.005944014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.005944967 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.005968094 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.006042957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.006052971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.006062031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.006072044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.006084919 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.006093979 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.006181955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.006194115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.006202936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.006213903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.006222963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.006225109 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.006233931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.006242990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.006247997 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.006268978 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.006278992 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.006321907 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.006331921 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.006340027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.006350994 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.006356001 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.006386995 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.007397890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.007407904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.007420063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.007430077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.007440090 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.007463932 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.007538080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.007549047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.007558107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.007567883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.007577896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.007582903 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.007589102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.007597923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.007608891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.007611036 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.007642984 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.007659912 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.007669926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.007678986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.007688999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.007698059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.007719040 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.007731915 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.008471012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.008486986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.008503914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.008513927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.008522987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.008527040 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.008533001 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.008537054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.008558035 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.049076080 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.058471918 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.058482885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.058495045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.058505058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.058515072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.058526039 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.058537006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.058542967 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.058701992 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.085915089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.085932016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.085943937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.085954905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.085966110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.086061001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.086071014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.086121082 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.086121082 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.086318016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.086328983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.086344957 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.086371899 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.087398052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.087409019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.087418079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.087443113 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.087510109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.087519884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.087555885 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.088186026 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.088196039 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.088205099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.088217974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.088227987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.088231087 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.088241100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.088252068 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.088263035 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.088531017 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.088577032 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.088726044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.088736057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.088746071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.088757038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.088766098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.088771105 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.088777065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.088790894 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.088824987 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.088912964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.089032888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.089041948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.089054108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.089063883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.089073896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.089076996 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.089083910 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.089092970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.089101076 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.089102983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.089112043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.089116096 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.089133978 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.089157104 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.089663029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.089673042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.089682102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.089690924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.089701891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.089706898 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.089744091 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.089821100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.089864016 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.089925051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.089940071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.089951038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.089962006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.089972019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.089977980 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.089982033 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.089989901 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.089993000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.090003014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.090023994 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.090042114 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.090060949 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.090245962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.090256929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.090292931 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.090365887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.090375900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.090384960 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.090394974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.090408087 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.090420961 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.090538025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.090583086 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.090653896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.090665102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.090673923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.090683937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.090696096 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.090717077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.090728045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.090728998 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.090738058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.090749025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.090754032 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.090758085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.090769053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.090791941 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.090817928 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.090888977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.090899944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.090909958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.090934992 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.091069937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.091080904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.091114998 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.091731071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.091741085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.091749907 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.091775894 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.091794014 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.091886997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.091897011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.091902018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.091911077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.091938972 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.091963053 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.092075109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.092086077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.092094898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.092104912 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.092113972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.092117071 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.092124939 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.092133999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.092142105 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.092159986 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.092220068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.092230082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.092238903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.092253923 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.092277050 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.093148947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.093161106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.093170881 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.093179941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.093194962 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.093221903 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.093332052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.093342066 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.093350887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.093360901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.093370914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.093379974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.093385935 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.093390942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.093400002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.093408108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.093420029 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.093444109 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.148156881 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.148199081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.148210049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.148243904 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.148447990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.148490906 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.148597956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.148775101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.148818016 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.148874044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.174000025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.174015045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.174026012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.174113989 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.174448013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.174458027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.174468040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.174478054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.174529076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.174609900 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.174609900 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.174700975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.174710989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.174720049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.174729109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.174737930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.174746990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.174752951 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.174787998 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.174997091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.175005913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.175014973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.175033092 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.175066948 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.175333977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.175343990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.175354004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.175363064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.175373077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.175386906 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.175396919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.175399065 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.175405979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.175415993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.175424099 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.175426006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.175442934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.175448895 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.175453901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.175472975 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.175489902 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.175575018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.175585985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.175595045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.175606012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.175630093 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.175661087 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.175748110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.175916910 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.175926924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.175935984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.175946951 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.175952911 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.175977945 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.176026106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.176033974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.176048994 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.176058054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.176065922 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.176068068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.176078081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.176086903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.176094055 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.176098108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.176109076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.176111937 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.176117897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.176129103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.176135063 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.176153898 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.176172018 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.176261902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.176271915 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.176282883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.176292896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.176304102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.176307917 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.176314116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.176328897 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.176359892 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.176430941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.176441908 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.176450968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.176461935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.176471949 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.176486969 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.176517010 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.177222967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.177233934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.177242994 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.177261114 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.177263975 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.177272081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.177292109 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.177316904 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.177366972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.177380085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.177390099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.177400112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.177407980 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.177418947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.177428961 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.177429914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.177457094 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.177661896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.177704096 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.177819014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.177829981 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.177838087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.177848101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.177858114 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.177864075 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.177884102 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.177958012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.177968979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.177977085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.177987099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.177992105 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.178002119 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.178004026 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.178011894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.178020954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.178024054 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.178030014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.178040981 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.178045988 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.178050995 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.178066015 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.178088903 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.178313017 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.178323984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.178330898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.178339958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.178349972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.178359985 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.178364992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.178374052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.178385019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.178386927 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.178395033 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.178400040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.178410053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.178412914 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.178421021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.178430080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.178435087 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.178440094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.178452015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.178456068 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.178462029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.178472042 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.178510904 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.234530926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.234548092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.234558105 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.234568119 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.234577894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.234586954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.234599113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.234654903 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.234817028 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.260767937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.260786057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.260801077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.260862112 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.260888100 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.261238098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.261249065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.261259079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.261269093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.261284113 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.261316061 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.261419058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.261430979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.261440039 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.261450052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.261460066 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.261465073 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.261475086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.261482954 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.261483908 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.261490107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.261497974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.261501074 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.261507988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.261518955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.261523962 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.261528969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.261538982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.261542082 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.261552095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.261559963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.261564970 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.261571884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.261574984 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.261609077 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.262053967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.262064934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.262074947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.262084961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.262094975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.262096882 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.262105942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.262123108 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.262145996 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.262183905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.262193918 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.262202978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.262213945 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.262223005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.262223959 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.262234926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.262243032 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.262245893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.262253046 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.262255907 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.262279987 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.262465000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.262475014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.262511015 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.263082981 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263092995 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263103008 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263112068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263122082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263127089 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.263130903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263147116 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.263164043 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.263214111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263223886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263232946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263243914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263252974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263254881 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.263263941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263274908 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.263307095 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.263556957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263566971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263576031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263585091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263590097 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263598919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263605118 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.263607979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263612986 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.263617992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263628006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263631105 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.263638973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263648033 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263654947 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.263658047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263669968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263673067 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.263679028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263688087 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.263689995 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263699055 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263701916 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.263736010 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.263791084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263802052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263811111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263819933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263824940 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263833046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263834953 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.263844967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263854027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263856888 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.263864040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263873100 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.263875961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263885975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263895988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263906002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263906956 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.263916969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.263931036 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.263952971 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.264317036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.264328003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.264336109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.264344931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.264350891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.264359951 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.264364004 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.264369965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.264379978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.264384031 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.264389038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.264399052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.264403105 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.264409065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.264419079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.264426947 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.264430046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.264436007 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.264441013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.264455080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.264476061 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.264501095 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.264986992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.264997959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.265007019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.265017033 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.265028000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.265037060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.265039921 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.265048027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.265058041 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.265064001 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.265069008 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.265079021 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.265094995 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.314620972 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.322532892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.322555065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.322566986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.322577000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.322644949 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.322768927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.322782040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.322833061 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.322894096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.350522995 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.350542068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.350554943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.350560904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.350570917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.350581884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.350598097 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.350626945 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.350756884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.350768089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.350795031 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.350938082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.350948095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.350958109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.350969076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.350980997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.350981951 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.351002932 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.351032019 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.351089001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.351269007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.351279020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.351289988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.351300001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.351309061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.351311922 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.351320028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.351329088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.351334095 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.351340055 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.351367950 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.351706982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.351717949 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.351727009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.351736069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.351757050 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.351785898 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.351905107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.351916075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.351933002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.351938009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.351944923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.351948977 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.351953983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.351963997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.351974964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.351979017 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.352009058 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.352355957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.352411032 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.352543116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.352554083 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.352561951 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.352567911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.352577925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.352588892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.352597952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.352608919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.352608919 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.352618933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.352631092 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.352655888 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.352696896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.352708101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.352713108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.352721930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.352731943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.352741003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.352747917 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.352751017 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.352761984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.352773905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.352782965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.352786064 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.352786064 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.352818966 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.353339911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.353352070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.353362083 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.353389978 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.353420973 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.353511095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.353522062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.353530884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.353542089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.353550911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.353560925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.353563070 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.353569984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.353585005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.353591919 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.353595972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.353605986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.353631020 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.353662014 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.353681087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.353691101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.353749990 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.353854895 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.353868961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.353880882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.353925943 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.358823061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.358834982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.358841896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.358911037 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.359075069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.359085083 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.359095097 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.359105110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.359146118 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.359435081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.359446049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.359457016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.359467030 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.359477043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.359482050 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.359503984 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.359774113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.359786034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.359795094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.359801054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.359812021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.359822035 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.359823942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.359833956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.359848022 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.359873056 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.359939098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.359950066 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.359958887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.359968901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.359978914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.360002995 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.360394955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.360404015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.360413074 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.360423088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.360433102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.360440016 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.360475063 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.407102108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.407125950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.407136917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.407197952 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.407243967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.407253981 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.407263994 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.407279968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.407305002 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.407324076 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.437282085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.437328100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.437340975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.437387943 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.437421083 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.437436104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.437447071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.437458992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.437469006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.437498093 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.437521935 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.437688112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.437700033 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.437710047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.437721014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.437731981 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.437742949 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.437748909 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.437756062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.437767029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.437773943 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.437792063 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.437813044 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.438086987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.438097954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.438107967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.438117981 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.438127995 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.438138008 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.438138008 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.438148022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.438158989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.438164949 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.438174963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.438177109 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.438185930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.438189983 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.438199043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.438205957 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.438246965 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.438815117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.438826084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.438836098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.438846111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.438855886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.438865900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.438874006 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.438877106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.438889027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.438899994 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.438903093 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.438911915 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.438926935 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.438955069 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.439327002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.439338923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.439351082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.439361095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.439366102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.439374924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.439385891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.439397097 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.439403057 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.439408064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.439418077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.439429045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.439430952 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.439439058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.439451933 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.439481974 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.440025091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.440036058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.440045118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.440054893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.440062046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.440072060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.440072060 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.440083027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.440093040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.440103054 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.440104961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.440114021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.440120935 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.440125942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.440133095 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.440136909 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.440148115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.440159082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.440166950 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.440169096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.440180063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.440190077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.440192938 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.440201044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.440213919 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.440237999 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.440818071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.440830946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.440840960 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.440850973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.440876007 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.440886974 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.454176903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.454195976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.454205990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.454267025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.454274893 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.454277992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.454313040 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.454360962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.454370975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.454380989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.454401970 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.454421997 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.454572916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.454586983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.454597950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.454607010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.454617977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.454627991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.454631090 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.454653025 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.454672098 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.454873085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.454885960 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.454895973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.454905033 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.454917908 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.454920053 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.454950094 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.455149889 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.455161095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.455171108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.455235958 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.455403090 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.455413103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.455423117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.455432892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.455442905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.455446959 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.455452919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.455462933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.455468893 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.455473900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.455485106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.455495119 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.455496073 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.455512047 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.455530882 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.455883026 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.455893993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.455904007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.455936909 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.493551016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.493575096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.493586063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.493666887 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.493678093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.493689060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.493699074 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.493710041 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.493719101 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.493746042 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.523493052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.523520947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.523607016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.523608923 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.523619890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.523633003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.523643970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.523693085 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.523777962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.523791075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.523801088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.523819923 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.523901939 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.523911953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.523942947 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.524027109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.524038076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.524053097 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.524055958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.524060965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.524065971 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.524071932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.524094105 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.524337053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.524348021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.524358988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.524369955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.524375916 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.524398088 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.524559975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.524571896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.524578094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.524586916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.524600029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.524601936 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.524610043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.524620056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.524630070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.524635077 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.524641037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.524651051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.524658918 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.524662018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.524672031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.524677038 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.524698019 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.525280952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.525290966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.525300980 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.525310040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.525320053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.525321007 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.525330067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.525340080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.525348902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.525358915 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.525362968 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.525368929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.525378942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.525383949 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.525388002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.525398016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.525405884 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.525407076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.525415897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.525425911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.525430918 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.525460005 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.525969028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.525981903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.525991917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.526002884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.526010036 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.526045084 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.526283979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.526299953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.526309967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.526319981 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.526321888 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.526326895 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.526335955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.526345968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.526356936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.526365995 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.526365995 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.526376963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.526386023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.526395082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.526401043 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.526407957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.526417971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.526427984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.526434898 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.526438951 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.526448965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.526451111 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.526470900 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.526489019 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.527096987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.527108908 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.527117968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.527127981 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.527142048 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.527178049 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.528736115 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.528822899 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.548096895 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.548131943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.548145056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.548233032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.548243999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.548248053 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.548254967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.548269987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.548280954 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.548310041 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.548538923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.548552036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.548559904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.548571110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.548582077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.548589945 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.548595905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.548608065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.548624992 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.548650980 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.548880100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.548892975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.548904896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.548917055 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.548928022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.548939943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.548960924 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.548996925 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.549252987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.549268007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.549279928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.549289942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.549302101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.549308062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.549309969 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.549319983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.549355030 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.549617052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.549629927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.549640894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.549653053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.549664021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.549674988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.549678087 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.549688101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.549700022 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.549745083 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.580179930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.580195904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.580208063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.580281019 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.580322981 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.580334902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.580341101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.580363989 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.580383062 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.580444098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.610327005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.610356092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.610368013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.610462904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.610476971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.610488892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.610502005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.610547066 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.610547066 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.610547066 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.610656023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.610667944 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.610670090 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.610709906 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.610856056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.610869884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.610881090 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.610892057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.610903025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.610908031 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.610914946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.610927105 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.610934973 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.610958099 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.611248016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.611260891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.611274004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.611284971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.611293077 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.611296892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.611310005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.611314058 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.611321926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.611334085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.611335039 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.611350060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.611366034 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.611392021 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.611809969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.611823082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.611834049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.611845016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.611854076 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.611855984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.611866951 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.611879110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.611885071 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.611891031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.611901999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.611907959 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.611912966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.611924887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.611936092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.611937046 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.611947060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.611958027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.611965895 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.611969948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.611982107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.612004042 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.612030983 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.612683058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.612699032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.612709999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.612725019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.612735987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.612740040 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.612747908 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.612757921 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.612761974 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.612770081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.612781048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.612792015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.612795115 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.612802982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.612813950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.612819910 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.612826109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.612832069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.612837076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.612842083 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.612905025 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.613605976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.613620043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.613631010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.613642931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.613651037 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.613653898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.613667965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.613668919 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.613681078 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.613692999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.613698006 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.613704920 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.613715887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.613725901 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.613728046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.613740921 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.613746881 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.613751888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.613765955 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.613766909 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.613795042 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.634545088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.634571075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.634582996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.634720087 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.634720087 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.634727955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.634742022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.634753942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.634767056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.634778976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.634785891 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.634833097 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.635011911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.635024071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.635030031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.635040045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.635046005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.635051012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.635057926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.635060072 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.635133982 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.635413885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.635426044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.635437012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.635448933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.635456085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.635461092 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.635468006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.635479927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.635479927 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.635492086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.635505915 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.635525942 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.635740995 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.635754108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.635795116 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.635946035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.635957956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.635963917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.635973930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.635986090 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.635997057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.636002064 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.636008978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.636019945 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.636019945 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.636033058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.636038065 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.636044979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.636066914 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.636095047 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.666670084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.666690111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.666703939 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.666716099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.666728020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.666755915 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.666851997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.666862965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.666868925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.666913986 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.666950941 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.696926117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.696955919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.696969032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.697062016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.697073936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.697086096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.697098970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.697104931 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.697132111 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.697132111 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.697290897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.697303057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.697315931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.697336912 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.697364092 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.697423935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.697508097 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.697519064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.697530985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.697542906 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.697549105 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.697556019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.697582006 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.697599888 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.697861910 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.697873116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.697885036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.697896004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.697907925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.697910070 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.697918892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.697930098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.697937012 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.697942019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.697956085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.697957039 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.697967052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.697978973 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.697984934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.698004961 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.698363066 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.698374987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.698410988 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.698467970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.698479891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.698491096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.698502064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.698509932 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.698513985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.698525906 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.698538065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.698540926 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.698549032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.698570967 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.698909998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.698920965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.698931932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.698950052 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.698971987 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.698987961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.698999882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.699011087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.699023962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.699034929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.699047089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.699047089 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.699058056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.699074030 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.699096918 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.699613094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.699626923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.699639082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.699649096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.699660063 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.699661016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.699673891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.699681044 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.699685097 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.699695110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.699700117 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.699707031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.699717999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.699728966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.699733973 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.699739933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.699750900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.699762106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.699764013 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.699774027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.699784994 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.699784994 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.699798107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.699804068 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.699843884 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.700402975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.700414896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.700428963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.700442076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.700447083 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.700453997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.700479031 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.721154928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.721165895 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.721173048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.721251965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.721262932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.721271992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.721338987 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.721338987 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.721451998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.721462011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.721472025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.721498013 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.721518040 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.721647978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.721658945 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.721668005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.721677065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.721687078 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.721692085 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.721697092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.721709013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.721724033 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.721745968 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.721961021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.722002029 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.722019911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.722031116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.722039938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.722063065 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.722271919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.722281933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.722291946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.722301960 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.722311020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.722315073 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.722321033 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.722331047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.722340107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.722343922 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.722363949 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.722630978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.722641945 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.722652912 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.722665071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.722672939 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.722673893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.722685099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.722695112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.722701073 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.722722054 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.753504992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.753532887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.753542900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.753612041 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.753689051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.753699064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.753710032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.753710032 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.753710032 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.753741980 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.783173084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.783205032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.783219099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.783319950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.783330917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.783340931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.783353090 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.783396006 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.783396006 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.783396006 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.783521891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.783530951 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.783540964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.783551931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.783642054 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.783642054 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.783642054 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.783694029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.783704042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.783715963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.783725023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.783737898 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.783763885 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.783911943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.783921957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.783931971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.783941984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.783951998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.783955097 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.783962965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.783992052 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.784013987 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.784250975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.784261942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.784276009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.784286022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.784295082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.784298897 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.784320116 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.784425974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.784435987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.784445047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.784456015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.784466028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.784468889 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.784476042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.784497023 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.784775972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.784786940 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.784796000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.784805059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.784811020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.784818888 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.784821033 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.784830093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.784847975 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.784868956 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.785235882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.785247087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.785254955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.785269022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.785279989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.785280943 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.785285950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.785296917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.785305977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.785311937 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.785317898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.785330057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.785337925 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.785343885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.785352945 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.785362959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.785377026 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.785406113 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.785780907 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.785792112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.785800934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.785809040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.785814047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.785824060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.785826921 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.785835028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.785845995 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.785847902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.785867929 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.786212921 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.786223888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.786233902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.786243916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.786253929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.786259890 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.786293030 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.786546946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.786556959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.786566973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.786576986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.786586046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.786588907 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.786597013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.786608934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.786609888 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.786618948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.786628962 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.786628962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.786648989 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.807553053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.807570934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.807581902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.807706118 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.807706118 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.807729959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.807739973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.807749987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.807759047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.807770014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.807775021 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.807791948 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.808008909 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.808018923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.808029890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.808039904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.808048964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.808053017 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.808084011 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.808218002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.808314085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.808324099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.808332920 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.808342934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.808351994 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.808355093 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.808362007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.808371067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.808382034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.808384895 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.808391094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.808403969 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.808423042 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.808933020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.808943033 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.808953047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.808963060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.808971882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.808975935 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.808983088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.808994055 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.808998108 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.809003115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.809012890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.809017897 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.809024096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.809035063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.809037924 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.809061050 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.839904070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.839931011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.839941978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.839958906 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.839999914 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.840065956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.840076923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.840087891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.840198994 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.840198994 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.840198994 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.869643927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.869672060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.869683027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.869770050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.869779110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.869788885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.869800091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.869920015 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.869920015 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.869939089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.869982004 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.870004892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.870016098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.870057106 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.870165110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.870176077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.870187044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.870197058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.870214939 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.870230913 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.870417118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.870426893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.870436907 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.870448112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.870457888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.870464087 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.870467901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.870477915 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.870482922 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.870505095 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.870743990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.870754004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.870763063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.870771885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.870781898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.870784044 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.870815992 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.870949984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.870959997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.870992899 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.871047974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.871058941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.871068001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.871078968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.871088982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.871098042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.871104002 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.871109009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.871119022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.871131897 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.871151924 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.871520042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.871529102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.871537924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.871547937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.871558905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.871560097 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.871568918 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.871577024 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.871578932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.871617079 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.871623993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.871634960 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.871644974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.871654987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.871661901 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.871664047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.871675014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.871684074 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.871687889 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.871694088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.871702909 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.871717930 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.871732950 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.872343063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.872353077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.872363091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.872371912 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.872379065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.872383118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.872385025 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.872405052 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.872422934 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.872694969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.872705936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.872715950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.872726917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.872736931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.872741938 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.872747898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.872756958 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.872760057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.872771025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.872781992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.872792006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.872793913 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.872805119 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.872816086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.872847080 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.872864962 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.873219013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.873229027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.873240948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.873249054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.873266935 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.873287916 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.894179106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.894205093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.894216061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.894279003 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.894386053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.894397020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.894407988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.894418955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.894521952 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.894521952 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.894536018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.894546986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.894571066 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.894714117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.894725084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.894736052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.894747019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.894752026 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.894758940 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.894768953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.894779921 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.894781113 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.894814968 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.895190954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.895201921 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.895211935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.895217896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.895230055 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.895241022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.895252943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.895257950 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.895265102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.895277023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.895287991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.895291090 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.895312071 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.895329952 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.895576000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.895689011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.895699978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.895709991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.895721912 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.895729065 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.895733118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.895744085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.895756006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.895759106 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.895780087 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.895798922 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.926179886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.926218033 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.926229000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.926323891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.926384926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.926394939 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.926413059 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.926440954 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.926449060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.926493883 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.956136942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.956156969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.956166983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.956185102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.956239939 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.956253052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.956263065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.956353903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.956407070 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.956407070 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.956407070 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.956415892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.956427097 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.956461906 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.956535101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.956546068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.956557035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.956567049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.956584930 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.956610918 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.956783056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.956794977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.956804037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.956830025 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.957020998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.957031012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.957040071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.957068920 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.957082033 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.957092047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.957097054 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.957102060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.957120895 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.957185984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.957197905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.957222939 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.957242966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.957253933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.957262039 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.957272053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.957284927 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.957310915 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.957524061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.957534075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.957568884 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.957686901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.957696915 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.957707882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.957717896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.957727909 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.957731962 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.957740068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.957746029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.957746983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.957751989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.957765102 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.957817078 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.958163023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.958173037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.958180904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.958190918 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.958200932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.958214998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.958216906 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.958225012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.958234072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.958236933 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.958244085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.958252907 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.958259106 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.958266020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.958276987 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.958280087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.958298922 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.958317995 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.958761930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.958772898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.958781958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.958795071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.958803892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.958811998 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.958815098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.958825111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.958843946 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.958863974 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.958880901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.958892107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.958897114 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.958906889 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.958918095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.958925009 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.958926916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.958935976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.958945990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.958955050 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.958956003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.958992958 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.959742069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.959752083 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.959757090 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.959767103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.959777117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.959788084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.959795952 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.959815979 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.959832907 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.980526924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.980542898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.980552912 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.980591059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.980601072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.980612040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.980709076 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.980709076 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.980709076 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.980758905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.980768919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.980797052 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.980879068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.980889082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.980920076 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.980947018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.980957985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.980967045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.980976105 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.980986118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.980988979 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.981013060 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.981292963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.981302977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.981311083 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.981321096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.981331110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.981338978 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.981339931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.981352091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.981359959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.981368065 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.981372118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.981389999 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.981410980 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.981786966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.981796980 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.981806993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.981817007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.981826067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.981832981 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.981834888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.981844902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.981859922 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.981868029 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.981890917 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.981901884 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.982115030 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.982125998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.982134104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.982141972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.982153893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:47.982175112 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:47.982186079 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.013125896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.013149023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.013159990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.013171911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.013180971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.013189077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.013200998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.013266087 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.013458014 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.042794943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.042830944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.042843103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.042885065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.042895079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.042933941 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.042994976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.043004990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.043015003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.043137074 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.043137074 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.043209076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.043219090 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.043227911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.043286085 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.043346882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.043355942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.043365955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.043379068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.043405056 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.043587923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.043597937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.043606997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.043617964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.043627024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.043632030 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.043637991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.043648005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.043658018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.043663979 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.043690920 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.044100046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.044110060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.044117928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.044133902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.044145107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.044148922 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.044153929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.044164896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.044167995 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.044174910 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.044184923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.044186115 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.044194937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.044209957 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.044214964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.044229984 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.044255972 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.044758081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.044768095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.044775963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.044785976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.044795990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.044805050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.044816017 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.044825077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.044835091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.044843912 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.044855118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.044862032 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.044863939 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.044873953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.044883013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.044956923 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.045344114 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.045355082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.045403004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.045413017 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.045416117 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.045422077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.045432091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.045442104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.045449972 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.045480013 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.045792103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.045802116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.045811892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.045838118 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.045855045 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.045921087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.045932055 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.045942068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.045952082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.045960903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.045965910 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.045970917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.045979977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.045990944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.046000004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.046000004 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.046010971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.046020031 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.046020985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.046031952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.046041965 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.046077967 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.069932938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.069955111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.069964886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.070050955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.070135117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.070143938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.070159912 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.070159912 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.070230961 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.070250988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.070261002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.070271015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.070281029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.070327044 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.070355892 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.070472002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.070482016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.070491076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.070533991 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.070543051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.070554972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.070564985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.070626974 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.070775986 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.070910931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.070919991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.070930958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.070940971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.070950031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.070960045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.070976973 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.071006060 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.071352005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.071362019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.071371078 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.071381092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.071391106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.071399927 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.071400881 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.071413040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.071422100 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.071424961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.071439028 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.071470022 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.071702957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.071712971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.071717978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.071727991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.071754932 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.071773052 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.099488974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.099517107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.099526882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.099536896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.099546909 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.099608898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.099620104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.099657059 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.099746943 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.129262924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.129292011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.129321098 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.129786968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.129828930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.129832983 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.129841089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.129878998 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.129987001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.129998922 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.130003929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.130009890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.130050898 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.130237103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.130248070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.130259037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.130269051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.130279064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.130311012 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.130579948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.130589962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.130599022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.130608082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.130618095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.130626917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.130629063 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.130639076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.130650043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.130660057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.130661011 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.130671024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.130685091 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.130711079 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.131098986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.131124020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.131128073 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.131136894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.131146908 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.131158113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.131172895 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.131196022 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.131417990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.131428003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.131441116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.131452084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.131460905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.131464005 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.131468058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.131474972 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.131520987 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.131546021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.131556988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.131566048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.131576061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.131584883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.131591082 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.131594896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.131604910 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.131613970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.131620884 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.131623983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.131633997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.131654978 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.131665945 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.133707047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.133718014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.133727074 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.133735895 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.133744955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.133754969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.133764029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.133774042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.133781910 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.133837938 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.133840084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.133903027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.133913040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.133936882 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.133987904 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.134016037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.134027004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.134093046 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.134134054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.134182930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.134193897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.134198904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.134198904 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.134208918 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.134296894 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.134438038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.134447098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.134457111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.134466887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.134478092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.134481907 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.134510994 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.158560038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.158584118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.158596992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.158646107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.158655882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.158667088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.158679008 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.158684015 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.158751011 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.158927917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.158937931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.158947945 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.158957958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.158967018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.158972025 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.158981085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.158993006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.159001112 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.159003973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.159034014 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.159281969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.159462929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.159472942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.159482956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.159492016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.159501076 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.159502029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.159512043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.159522057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.159532070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.159532070 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.159543037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.159554005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.159568071 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.159590006 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.159921885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.159933090 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.159964085 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.159984112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.159995079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.160005093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.160015106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.160023928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.160028934 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.160033941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.160042048 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.160056114 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.186254025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.186278105 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.186290026 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.186372042 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.186413050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.186423063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.186433077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.186495066 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.186500072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.186553001 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.216753960 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.216779947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.216792107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.216886997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.216885090 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.216901064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.216911077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.216922998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.216924906 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.216964960 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.217089891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.217102051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.217114925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.217138052 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.217170000 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.217171907 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.217184067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.217195034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.217211962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.217214108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.217215061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.217247963 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.217268944 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.217828989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.217843056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.217848063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.217849970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.217859983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.217869997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.217879057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.217889071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.217899084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.217909098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.217916965 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.217919111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.217928886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.217938900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.217950106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.217952013 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.217959881 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.217969894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.217992067 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.217992067 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.218010902 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.218569994 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.218580961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.218590021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.218600035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.218611956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.218631983 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.218637943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.218648911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.218658924 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.218661070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.218672037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.218682051 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.218683004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.218708038 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.218740940 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.219221115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.219233036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.219243050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.219258070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.219271898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.219281912 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.219281912 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.219295025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.219305038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.219311953 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.219316959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.219329119 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.219335079 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.219341040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.219346046 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.219352961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.219369888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.219374895 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.219381094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.219389915 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.219396114 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.219400883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.219412088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.219433069 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.219458103 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.220108032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.220123053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.220128059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.220136881 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.220149040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.220160007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.220170975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.220180035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.220182896 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.220192909 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.220206976 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.220231056 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.243437052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.243551970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.243582010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.243592978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.243607044 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.243632078 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.243675947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.243777990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.243817091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.243849039 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.243900061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.243911982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.243925095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.243936062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.243937969 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.243968964 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.244142056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.244153976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.244163990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.244175911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.244184971 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.244188070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.244209051 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.244237900 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.244364977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.244383097 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.244410038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.244420052 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.244421005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.244465113 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.244672060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.244683027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.244693041 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.244698048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.244709969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.244714975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.244730949 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.244736910 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.244748116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.244756937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.244759083 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.244767904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.244780064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.244785070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.244792938 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.244795084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.244801044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.244817019 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.244838953 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.273058891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.273094893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.273107052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.273125887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.273179054 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.273190975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.273197889 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.273200989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.273236990 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.273267984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.273277998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.273305893 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.303026915 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.303052902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.303064108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.303092003 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.303195000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.303205967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.303219080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.303230047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.303246021 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.303256035 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.303749084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.303761005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.303771019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.303786993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.303792953 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.303797007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.303807020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.303817987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.303819895 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.303828001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.303838015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.303842068 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.303848028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.303858995 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.303862095 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.303869009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.303879023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.303881884 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.303889990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.303899050 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.303901911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.303913116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.303919077 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.303942919 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.304342031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.304353952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.304363966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.304374933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.304384947 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.304384947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.304395914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.304405928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.304409027 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.304419041 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.304424047 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.304455996 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.305001974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.305012941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.305022955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.305032969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.305042028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.305046082 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.305052042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.305063009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.305072069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.305074930 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.305083990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.305094004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.305104017 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.305109024 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.305128098 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.305145025 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.305485010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.305495024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.305500031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.305505037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.305510044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.305520058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.305536032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.305546999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.305553913 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.305557013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.305567026 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.305568933 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.305577040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.305584908 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.305588007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.305598021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.305608034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.305608988 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.305617094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.305619001 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.305627108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.305638075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.305660009 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.305682898 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.306380987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.306391954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.306401014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.306410074 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.306420088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.306425095 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.306430101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.306440115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.306449890 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.306452036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.306461096 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.306463003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.306473970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.306493998 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.306516886 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.331597090 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.331634998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.331655025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.331666946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.331682920 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.331723928 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.331790924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.331800938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.331813097 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.331831932 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.331845999 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.331921101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.331932068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.331974983 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.332000971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.332010984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.332021952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.332035065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.332060099 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.332081079 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.332304955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.332319021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.332329035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.332367897 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.332437992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.332489967 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.332585096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.332596064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.332604885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.332616091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.332627058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.332638025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.332648993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.332653999 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.332659960 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.332665920 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.332670927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.332684040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.332705975 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.332730055 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.333225012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.333235979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.333246946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.333257914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.333267927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.333278894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.333281040 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.333287954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.333302021 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.333323002 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.359854937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.359884024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.359894991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.359925985 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.359956026 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.359991074 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.360002995 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.360058069 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.360101938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.360115051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.360158920 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.391948938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.392000914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.392009974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.392129898 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.392136097 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.392144918 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.392155886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.392165899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.392273903 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.392343044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.392354012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.392362118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.392412901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.392420053 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.392424107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.392433882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.392443895 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.392460108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.392471075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.392498016 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.392553091 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.393033981 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.393044949 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.393054962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.393064022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.393074036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.393081903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.393086910 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.393091917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.393101931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.393110991 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.393110991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.393120050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.393127918 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.393131018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.393141031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.393148899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.393155098 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.393158913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.393167973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.393177032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.393187046 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.393194914 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.393234015 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.393785000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.393795967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.393832922 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.393990993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.394001961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.394010067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.394020081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.394028902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.394038916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.394047976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.394057989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.394067049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.394072056 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.394077063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.394084930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.394094944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.394104004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.394114971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.394124031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.394134045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.394149065 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.394227982 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.396708965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.396720886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.396760941 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.396852016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.396861076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.396869898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.396883011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.396892071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.396897078 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.396905899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.396907091 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.396915913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.396924973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.396925926 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.396934986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.396941900 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.396945000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.396955013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.396965981 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.396965981 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.396975040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.396984100 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.396984100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.396995068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.397006035 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.397043943 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.419588089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.419604063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.419615030 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.419675112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.419686079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.419696093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.419711113 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.419783115 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.420067072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.420147896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.420159101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.420171022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.420181990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.420190096 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.420192957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.420229912 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.420399904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.420409918 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.420420885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.420433998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.420449972 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.420470953 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.420808077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.420816898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.420826912 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.420836926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.420845985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.420850039 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.420855045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.420866013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.420872927 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.420875072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.420886993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.420888901 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.420896053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.420907021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.420907021 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.420916080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.420943022 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.421060085 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.421638966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.421649933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.421658993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.421669006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.421679020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.421689034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.421700001 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.421700954 CEST804972364.18.87.82192.168.2.8
                                                  Jul 22, 2024 12:50:48.421721935 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.421751022 CEST4972380192.168.2.864.18.87.82
                                                  Jul 22, 2024 12:50:48.446541071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.446580887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.446645021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.446655035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.446708918 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.446779013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.446794987 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.446877956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.446888924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.446960926 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.479532003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.479614973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.479624987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.479650021 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.479712009 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.479754925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.479764938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.479774952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.479785919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.479827881 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.479885101 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.480061054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.480071068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.480139971 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.480199099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.480252981 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.480262995 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.480273008 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.480282068 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.480309010 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.480617046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.480624914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.480635881 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.480644941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.480654955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.480664968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.480664968 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.480674982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.480684996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.480684996 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.480691910 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.480700970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.480705976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.480710983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.480731964 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.480752945 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.480752945 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.481601000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.481611013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.481626034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.481635094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.481645107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.481654882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.481663942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.481673002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.481677055 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.481683016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.481693983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.481704950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.481714010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.481794119 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.482593060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.482608080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.482616901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.482626915 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.482636929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.482641935 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.482650042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.482656956 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.482661009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.482672930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.482681990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.482692003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.482696056 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.482701063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.482711077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.482724905 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.482739925 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.483752966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.483762980 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.483772039 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.483782053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.483789921 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.483798027 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.483800888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.483809948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.483814001 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.483822107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.483833075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.483834028 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.483844042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.483853102 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.483855009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.483865976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.483887911 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.483911991 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.484388113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.484399080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.484430075 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.484447956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.484458923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.484468937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.484478951 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.484498978 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.484523058 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.504947901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.504975080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.504985094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.505013943 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.505186081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.505196095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.505206108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.505215883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.505229950 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.505245924 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.505470037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.505512953 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.505656004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.505666018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.505676031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.505685091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.505696058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.505705118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.505712986 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.505740881 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.506033897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.506036043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.506037951 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.506042957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.506052017 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.506056070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.506061077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.506093979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.506099939 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.506115913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.506119013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.506124020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.506140947 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.506153107 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.506165981 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.506952047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.506963015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.506972075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.506982088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.506992102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.507002115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.507026911 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.507046938 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.507318974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.507328987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.507376909 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.562117100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.562278986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.562326908 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.562329054 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.562550068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.562593937 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.562688112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.563430071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.563471079 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.563688993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.579576969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.579596043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.579606056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.579647064 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.579672098 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.579760075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.579770088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.579780102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.579803944 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.579962015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.579972982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.579982042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.579993010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.580003023 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.580005884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.580038071 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.580048084 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.580290079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.580300093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.580307961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.580323935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.580333948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.580343008 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.580344915 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.580353022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.580363035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.580373049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.580378056 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.580396891 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.580775976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.580828905 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.580852985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.580863953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.580874920 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.580885887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.580895901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.580899954 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.580907106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.580924034 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.580955029 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.581582069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.581593037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.581631899 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.581702948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.581712961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.581722021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.581732988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.581741095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.581747055 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.581756115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.581764936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.581765890 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.581775904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.581788063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.581792116 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.581799984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.581809044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.581813097 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.581819057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.581829071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.581842899 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.581875086 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.582228899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.582240105 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.582248926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.582277060 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.582303047 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.582365036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.582375050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.582384109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.582393885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.582402945 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.582407951 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.582412004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.582421064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.582429886 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.582432032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.582441092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.582449913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.582453966 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.582459927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.582469940 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.582474947 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.582479954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.582489014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.582492113 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.582680941 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.582680941 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.583187103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.583198071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.583206892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.583215952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.583225965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.583235979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.583239079 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.583245993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.583256006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.583265066 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.583266020 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.583278894 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.583303928 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.611407042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.611423016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.611433983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.611445904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.611457109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.611465931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.611515999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.611526012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.611534119 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.611543894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.611555099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.611565113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.611573935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.611584902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.611594915 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.611604929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.611619949 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.611661911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.611671925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.611680984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.611691952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.611702919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.611713886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.611725092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.611728907 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.611736059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.611742020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.611751080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.611762047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.611771107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.611835957 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.612343073 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.612354040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.612365961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.612377882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.612386942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.612396955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.612396955 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.612421989 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.612435102 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.648516893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.648545980 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.648557901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.648633003 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.648715973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.648725986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.648736954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.648747921 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.648762941 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.648806095 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.657295942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.657331944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.657341957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.657361984 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.657385111 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.657491922 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.657650948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.657660007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.657669067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.657699108 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.657711983 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.657917976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.657928944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.657938004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.657952070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.657962084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.657989025 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.658157110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.658165932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.658205032 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.658241034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.658252001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.658262014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.658272028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.658281088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.658286095 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.658291101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.658301115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.658303022 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.658351898 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.666366100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.666377068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.666383028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.666392088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.666433096 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.666455984 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.666464090 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.666538954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.666548967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.666578054 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.666721106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.666731119 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.666740894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.666750908 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.666762114 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.666774035 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.667062044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.667072058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.667083025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.667093039 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.667103052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.667109013 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.667114019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.667119026 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.667154074 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.667680025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.667690992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.667701006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.667711020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.667720079 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.667757034 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.667881966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.667892933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.667897940 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.667902946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.667907953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.667915106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.667924881 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.667929888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.667936087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.667941093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.667947054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.668006897 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.668045998 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.668689013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.668699026 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.668708086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.668718100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.668723106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.668728113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.668731928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.668737888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.668751001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.668757915 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.668767929 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.668768883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.668772936 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.668778896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.668811083 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.669542074 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.669557095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.669564962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.669570923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.669575930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.669634104 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.678987980 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.679028034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.679038048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.679054022 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.679080009 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.679249048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.679259062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.679267883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.679308891 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.679389000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.679436922 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.700933933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.700967073 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.700978041 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.701041937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.701050997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.701060057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.701064110 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.701070070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.701097965 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.701107979 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.701443911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.701453924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.701462984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.701472044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.701481104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.701486111 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.701492071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.701502085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.701510906 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.701522112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.701530933 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.701550007 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.701567888 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.708713055 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.708725929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.708734989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.708745956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.708762884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.708771944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.708781958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.708786011 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.708791971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.708801985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.708810091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.708813906 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.708822012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.708823919 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.708846092 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.735002041 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.735032082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.735043049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.735168934 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.735188007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.735198021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.735292912 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.735394955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.735404968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.735501051 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.745126009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.745167017 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.745177031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.745280981 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.745304108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.745311975 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.745400906 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.745481968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.745500088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.745511055 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.745522022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.745532990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.745543003 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.745636940 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.745944977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.745955944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.745965004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.745976925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.745986938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.745996952 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.745996952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.746010065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.746016026 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.746020079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.746040106 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.746074915 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.746455908 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.746467113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.746507883 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.753752947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.753772020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.753783941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.753851891 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.753878117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.753887892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.753906965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.753917933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.753989935 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.754160881 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.754228115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.754229069 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.754239082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.754249096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.754259109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.754336119 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.754684925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.754695892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.754707098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.754717112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.754725933 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.754728079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.754739046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.754750967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.754760981 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.754769087 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.754771948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.754785061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.754796028 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.754817963 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.754827976 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.755480051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.755491018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.755501032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.755511999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.755523920 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.755532980 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.755534887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.755547047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.755557060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.755563974 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.755580902 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.755584955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.755594969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.755605936 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.755608082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.755620003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.755649090 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.755662918 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.756393909 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.756403923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.756413937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.756423950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.756436110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.756443977 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.756447077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.756457090 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.756464958 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.756467104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.756479979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.756495953 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.756510973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.756522894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.756526947 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.756532907 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.756552935 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.756582975 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.757144928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.765655041 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.765717983 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.765815973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.765866995 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.765877008 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.765913010 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.765994072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.766011000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.766021013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.766028881 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.766064882 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.787296057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.787336111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.787377119 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.787408113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.787420034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.787451029 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.787591934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.787611008 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.787620068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.787630081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.787640095 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.787642002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.787657976 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.788019896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.788029909 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.788038969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.788048029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.788059950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.788064957 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.788069963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.788079023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.788084030 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.788089037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.788099051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.788116932 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.788142920 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.788580894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.788592100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.788600922 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.788650036 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.788817883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.788827896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.788832903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.788847923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.788857937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.788865089 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.788871050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.788881063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.788892984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.788894892 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.790019989 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.821314096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.821331978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.821341991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.821434975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.821445942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.821456909 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.821456909 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.821469069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.821511030 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.821675062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.831631899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.831676006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.831687927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.831700087 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.831734896 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.831866026 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.831876993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.831887960 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.831923008 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.832087994 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.832098961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.832134008 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.832148075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.832159042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.832169056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.832187891 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.832206011 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.832345963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.832355976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.832366943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.832381964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.832395077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.832410097 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.832439899 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.832542896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.832597971 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.832628965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.832639933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.832679033 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.832743883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.832753897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.832788944 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.839910984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.839965105 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.840010881 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.840040922 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.840110064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.840120077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.840152979 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.840296030 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.840306997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.840322018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.840332031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.840339899 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.840358973 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.840615988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.840626955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.840640068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.840651035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.840656042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.840667009 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.840677023 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.840708971 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.840997934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.841008902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.841017962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.841027975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.841039896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.841049910 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.841052055 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.841059923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.841070890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.841073036 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.841094017 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.841115952 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.841558933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.841568947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.841578960 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.841588974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.841598034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.841618061 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.841645002 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.841897964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.841908932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.841918945 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.841928005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.841945887 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.841969967 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.841984987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.841995955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.842005014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.842015028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.842020988 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.842024088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.842036009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.842046976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.842052937 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.842056990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.842081070 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.842876911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.842888117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.842897892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.842906952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.842916965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.842926025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.842931032 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.842936039 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.842946053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.842951059 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.842955112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.842967033 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.842974901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.842977047 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.842998028 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.843019962 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.851736069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.851886034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.851918936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.851955891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.851974010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.851978064 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.852014065 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.852149010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.852160931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.852191925 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.877048016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.877065897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.877075911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.877123117 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.877147913 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.877198935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.877209902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.877218962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.877229929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.877245903 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.877270937 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.877595901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.877605915 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.877615929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.877629042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.877638102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.877648115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.877659082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.877664089 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.877698898 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.878191948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.878201962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.878207922 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.878216982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.878226995 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.878241062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.878248930 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.878252029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.878262997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.878266096 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.878276110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.878284931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.878284931 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.878295898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.878303051 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.878308058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.878356934 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.878920078 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.878964901 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.908116102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.908149958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.908160925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.908255100 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.908423901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.908433914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.908443928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.908448935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.908498049 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.918353081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.918384075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.918396950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.918463945 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.918492079 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.918627977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.918639898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.918653011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.918664932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.918678999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.918679953 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.918695927 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.918860912 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.918900013 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.919048071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.919059992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.919071913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.919084072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.919094086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.919097900 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.919105053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.919116974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.919118881 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.919128895 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.919141054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.919146061 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.919166088 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.919614077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.919625998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.919652939 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.919691086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.919728994 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.926786900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.926839113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.926848888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.926882029 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.926970005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.927011967 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.927064896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.927081108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.927090883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.927103043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.927109003 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.927145004 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.927362919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.927506924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.927515984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.927525997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.927536011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.927546024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.927548885 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.927556992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.927566051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.927571058 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.927587032 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.927603960 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.928072929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.928081036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.928090096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.928100109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.928109884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.928116083 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.928119898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.928129911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.928138971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.928144932 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.928148985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.928154945 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.928183079 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.928751945 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.928761959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.928772926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.928782940 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.928792953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.928796053 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.928802967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.928806067 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.928813934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.928823948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.928833008 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.928836107 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.928843975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.928860903 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.929486036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.929495096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.929505110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.929513931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.929522038 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.929522991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.929533005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.929544926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.929547071 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.929554939 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.929563999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.929567099 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.929574013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.929583073 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.929598093 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.930141926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.930152893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.930161953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.930186033 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.930207968 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.938098907 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.938126087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.938136101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.938168049 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.938242912 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.938252926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.938262939 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.938273907 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.938287973 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.938313007 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.938510895 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.938549995 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.963520050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.963538885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.963548899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.963644981 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.963675022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.963720083 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.963797092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.963805914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.963821888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.963833094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.963841915 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.963874102 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.964076042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.964247942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.964257956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.964267969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.964277983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.964283943 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.964287996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.964298010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.964307070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.964318037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.964324951 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.964346886 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.964854002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.964864016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.964873075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.964883089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.964893103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.964900017 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.964904070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.964914083 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.964927912 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.964946032 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.965347052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.965358019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.965367079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.965394020 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.994523048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.994549990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.994560003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.994594097 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.994617939 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.994643927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.994653940 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.994663000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.994700909 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:48.994858027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.994869947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:48.994899035 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.005856991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.005916119 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.005927086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.005928993 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.005964041 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.006045103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.006056070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.006064892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.006087065 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.006428957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.006439924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.006450891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.006460905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.006479979 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.006505013 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.007236958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.007246971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.007256985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.007266045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.007276058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.007286072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.007292032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.007292032 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.007302999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.007306099 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.007314920 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.007322073 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.007324934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.007335901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.007352114 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.007378101 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.013345957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.013362885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.013372898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.013421059 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.013500929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.013546944 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.013547897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.013559103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.013593912 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.013798952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.013808966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.013819933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.013840914 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.014025927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.014040947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.014050007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.014060020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.014070034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.014070034 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.014080048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.014091015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.014100075 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.014111996 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.014132977 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.014544010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.014554977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.014566898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.014575958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.014592886 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.014616966 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.014790058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.014800072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.014811039 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.014821053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.014830112 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.014854908 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.015177965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.015188932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.015198946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.015208006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.015218973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.015224934 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.015228987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.015235901 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.015239000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.015249014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.015260935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.015260935 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.015299082 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.015865088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.015876055 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.015885115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.015893936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.015902996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.015912056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.015922070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.015922070 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.015930891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.015934944 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.015942097 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.015952110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.015955925 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.016009092 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.016568899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.016580105 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.016587973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.016597033 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.016606092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.016623020 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.016640902 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.024704933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.024768114 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.024776936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.024797916 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.024890900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.024900913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.024915934 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.025010109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.025052071 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.025080919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.049802065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.049823046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.049846888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.049906015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.049994946 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.049994946 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.050040007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.050050020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.050059080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.050069094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.050088882 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.050107956 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.050281048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.050292015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.050329924 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.050443888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.050453901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.050465107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.050473928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.050478935 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.050517082 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.050703049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.050712109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.050720930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.050730944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.050741911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.050741911 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.050751925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.050765038 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.050801039 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.051156044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.051166058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.051173925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.051182985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.051193953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.051203966 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.051204920 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.051214933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.051224947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.051237106 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.051264048 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.051660061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.051668882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.051703930 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.080826998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.080847025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.080856085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.080897093 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.080926895 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.080981016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.080992937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.081039906 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.081111908 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.081152916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.081165075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.081187963 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.091208935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.091263056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.091289997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.091299057 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.091342926 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.091424942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.091434956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.091444969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.091455936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.091470957 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.091500998 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.091654062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.091741085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.091752052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.091759920 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.091770887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.091779947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.091785908 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.091823101 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.092123985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.092506886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.092536926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.092545033 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.092560053 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.092581987 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.092667103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.092675924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.092720985 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.092806101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.092814922 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.092824936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.092854977 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.099932909 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.099984884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.099994898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.100013971 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.100042105 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.100157022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.100167036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.100176096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.100217104 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.100394964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.100409985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.100420952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.100425005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.100436926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.100446939 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.100447893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.100469112 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.100497961 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.100860119 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.100869894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.100915909 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.100919008 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.100928068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.100938082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.100964069 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.100972891 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.101130009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.101140022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.101149082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.101157904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.101167917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.101182938 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.101213932 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.101511002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.101545095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.101555109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.101564884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.101571083 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.101573944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.101584911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.101593971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.101605892 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.101638079 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.101938963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.101948977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.101989985 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.102068901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.102080107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.102088928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.102097988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.102106094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.102113962 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.102116108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.102125883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.102132082 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.102134943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.102144003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.102153063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.102157116 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.102200031 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.102958918 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.102969885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.102977991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.102984905 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.102987051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.102997065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.103005886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.103008986 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.103014946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.103024960 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.103034019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.103038073 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.103046894 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.103048086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.103070021 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.103096962 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.111315012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.111370087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.111381054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.111413956 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.111511946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.111526012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.111553907 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.111633062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.111665010 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.111710072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.136172056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.136230946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.136281013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.136321068 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.136338949 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.136346102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.136356115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.136399984 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.136526108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.136535883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.136545897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.136554956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.136564016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.136589050 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.136817932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.136831045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.136862993 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.136943102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.136951923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.136960983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.136984110 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.137008905 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.137156963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.137166023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.137181044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.137191057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.137200117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.137204885 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.137223005 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.137646914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.137655973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.137665987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.137680054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.137687922 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.137689114 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.137698889 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.137702942 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.137708902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.137720108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.137732983 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.137758970 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.138071060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.138082027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.138115883 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.167893887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.167911053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.167977095 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.168015003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.168059111 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.168201923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.168214083 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.168226004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.168236971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.168256998 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.168271065 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.178132057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.178289890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.178299904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.178360939 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.178466082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.178478956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.178488970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.178495884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.178515911 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.178546906 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.178792953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.178803921 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.178814888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.178848028 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.178878069 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.179083109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.179095030 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.179105043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.179116011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.179126024 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.179161072 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.179327965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.179481983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.179496050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.179518938 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.179637909 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.179647923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.179680109 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.179774046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.179824114 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.179922104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.187576056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.187587976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.187598944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.187609911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.187623978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.187623978 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.187634945 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.187644005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.187649965 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.187669039 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.187695026 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.187695026 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.187711000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.187722921 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.187732935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.187743902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.187751055 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.187756062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.187766075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.187776089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.187777042 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.187786102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.187796116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.187798977 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.187805891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.187815905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.187824011 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.187827110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.187843084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.187845945 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.187855005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.187865019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.187876940 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.187885046 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.187886953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.187897921 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.187910080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.187913895 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.187932968 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.187958002 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.188124895 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.188143969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.188153982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.188163996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.188174009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.188179016 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.188183069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.188194990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.188200951 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.188205957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.188219070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.188226938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.188230991 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.188246012 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.188272953 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.188656092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.188667059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.188678026 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.188688040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.188699007 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.188699007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.188710928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.188735008 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.188755989 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.188932896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.188942909 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.188955069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.188973904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.188978910 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.188985109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.188996077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.189006090 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.189011097 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.189029932 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.199114084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.199191093 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.199207067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.199218035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.199246883 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.199335098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.199350119 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.199359894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.199369907 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.199393988 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.199418068 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.222970009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.223015070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.223023891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.223046064 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.223078966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.223089933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.223115921 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.223263979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.223273993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.223287106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.223297119 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.223299026 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.223309994 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.223357916 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.223377943 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.223736048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.223747015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.223757029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.223767996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.223778009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.223788977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.223799944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.223804951 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.223814964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.223825932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.223835945 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.223836899 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.223846912 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.223854065 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.223882914 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.224550009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.224560022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.224571943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.224582911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.224594116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.224603891 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.224603891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.224615097 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.224622011 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.224639893 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.224658966 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.254647017 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.254663944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.254674911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.254745960 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.254796982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.254816055 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.254827023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.254833937 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.254858971 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.255069017 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.264569998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.264585972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.264596939 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.264626980 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.264650106 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.264693022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.264703989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.264714956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.264754057 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.265113115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.265125036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.265144110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.265155077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.265161037 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.265166044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.265177965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.265192032 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.265218973 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.265382051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.265394926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.265438080 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.265499115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.265510082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.265546083 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.265625954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.265636921 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.265671968 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.265748024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.265758991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.265769958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.265784979 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.265803099 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.266021013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.273027897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.273045063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.273056984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.273092031 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.273118973 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.273124933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.273138046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.273148060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.273171902 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.273292065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.273302078 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.273312092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.273325920 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.273348093 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.273498058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.273509026 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.273519039 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.273539066 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.273542881 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.273550034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.273585081 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.274187088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.274199009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.274208069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.274236917 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.274260998 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.274267912 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.274280071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.274312019 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.274379969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.274390936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.274424076 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.274497032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.274507999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.274535894 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.274682999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.274692059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.274703026 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.274713039 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.274724007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.274734020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.274739981 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.274770021 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.275015116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.275024891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.275034904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.275046110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.275057077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.275057077 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.275078058 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.275341988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.275352001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.275362015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.275371075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.275382996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.275388002 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.275393963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.275403976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.275413036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.275418043 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.275435925 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.275806904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.275819063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.275831938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.275842905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.275854111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.275856972 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.275863886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.275876045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.275886059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.275887012 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.275940895 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.275955915 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.285794973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.285816908 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.285829067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.285837889 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.285851002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.285918951 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.285929918 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.285938978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.285960913 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.286046982 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.309447050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.309458971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.309468985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.309596062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.309603930 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.309607029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.309618950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.309710979 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.309789896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.309807062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.309817076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.309825897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.309838057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.309856892 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.309926987 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.310287952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.310298920 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.310309887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.310322046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.310333967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.310343027 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.310347080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.310359001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.310367107 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.310372114 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.310384035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.310389042 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.310410976 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.310892105 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.310903072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.310914040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.310925961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.310937881 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.310949087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.310950994 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.310961008 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.310972929 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.310997963 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.312539101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.340869904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.340887070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.340897083 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.340959072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.340969086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.340979099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.340989113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.341006041 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.341116905 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.341609001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.350671053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.350682020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.350692034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.350769997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.350780964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.350806952 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.350897074 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.350900888 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.350910902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.350923061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.350931883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.350969076 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.351026058 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.351098061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.351159096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.351169109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.351178885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.351188898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.351217031 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.351273060 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.352334023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.352344990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.352355003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.352416992 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.352478981 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.352504969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.352516890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.352526903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.352627039 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.359628916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.359646082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.359658003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.359761000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.359771013 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.359771967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.359782934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.359838009 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.360028028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.360038996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.360049009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.360059977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.360105038 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.360272884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.360282898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.360292912 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.360302925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.360332012 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.360369921 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.360608101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.360616922 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.360660076 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.360685110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.360730886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.360740900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.360769033 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.360932112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.360941887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.360954046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.360970974 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.361008883 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.361201048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.361211061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.361221075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.361231089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.361241102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.361251116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.361253977 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.361257076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.361277103 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.361289978 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.361674070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.361685991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.361696005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.361706018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.361727953 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.361747980 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.362067938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.362078905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.362087965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.362097979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.362107038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.362116098 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.362117052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.362128019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.362138033 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.362148046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.362149954 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.362171888 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.362171888 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.362189054 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.362688065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.362701893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.362711906 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.362723112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.362734079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.362739086 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.362745047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.362754107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.362775087 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.372273922 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.372287035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.372396946 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.372411013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.372421980 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.372493982 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.372520924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.372549057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.372559071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.372611046 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.396452904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.396466970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.396477938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.396563053 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.396604061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.396614075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.396626949 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.396673918 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.396981955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.396991968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.397003889 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.397013903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.397025108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.397058964 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.397160053 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.397231102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.397243977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.397253990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.397264957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.397274971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.397285938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.397295952 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.397296906 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.397365093 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.397800922 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.397810936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.397820950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.397831917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.397840977 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.397842884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.397854090 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.397864103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.397874117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.397885084 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.397886038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.397908926 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.428109884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.428128004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.428138971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.428211927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.428221941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.428232908 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.428244114 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.428248882 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.428380013 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.442730904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.442826986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.442837954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.442848921 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.442894936 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.442920923 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.446384907 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.446397066 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.446402073 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.446407080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.446410894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.446415901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.446419954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.446424007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.446430922 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.446440935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.446444988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.446450949 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.446455002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.446465015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.446475983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.446511984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.446523905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.446532011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.446542978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.446551085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.446559906 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.446567059 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.446568966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.446579933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.446593046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.446603060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.446702957 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.453320980 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.453339100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.453349113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.453360081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.453371048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.453433037 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.453495979 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.453979015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.453989029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.454000950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.454066038 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.454121113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.454129934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.454186916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.454200983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.454206944 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.454265118 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.454425097 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.454436064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.454444885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.454454899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.454464912 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.454477072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.454488039 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.454493046 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.454498053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.454509020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.454523087 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.454551935 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.454906940 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.454919100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.454953909 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.455125093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.455136061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.455147982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.455153942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.455169916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.455179930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.455189943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.455202103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.455212116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.455212116 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.455221891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.455231905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.455243111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.455248117 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.455254078 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.455264091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.455270052 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.455276012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.455285072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.455291033 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.455307007 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.455324888 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.460741997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.460798979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.460810900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.460850954 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.460983038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.460999012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.461010933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.461021900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.461024046 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.461049080 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.483836889 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.483856916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.483867884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.483880997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.483891964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.483901978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.483913898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.483957052 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.484060049 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.484268904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.484280109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.484288931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.484302044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.484313011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.484323978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.484338999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.484340906 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.484353065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.484359026 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.484412909 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.484453917 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.484797955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.484808922 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.484821081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.484833002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.484852076 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.484869003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.484879971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.484889984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.484899998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.484905005 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.484905005 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.484910011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.484920025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.484931946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.484936953 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.484978914 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.514421940 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.514436007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.514447927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.514602900 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.514609098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.514621019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.514631987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.514714956 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.516710043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.542659998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.542670965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.542681932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.542763948 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.542798996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.542809010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.542819977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.542829990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.542861938 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.543023109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.543031931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.543041945 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.543051958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.543061018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.543068886 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.543076992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.543087006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.543092012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.543097973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.543107986 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.543121099 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.543134928 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.548260927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.548270941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.548280001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.548290014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.548300028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.548310041 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.548319101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.548326969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.548336983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.548336983 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.548343897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.548353910 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.548362970 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.548362970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.548372984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.548382044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.548388958 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.548392057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.548402071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.548413992 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.548428059 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.548903942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.548916101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.548924923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.549006939 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.569652081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.569926023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.569936037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.569947004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.569983959 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.570031881 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.570302963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.570312977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.570322037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.570358992 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.570872068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.570880890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.570892096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.570900917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.570909023 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.570943117 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.571635962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.571645021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.571654081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.571662903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.571680069 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.571707010 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.572419882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.572431087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.572441101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.572452068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.572479010 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.572503090 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.573240042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.573251009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.573259115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.573268890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.573277950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.573296070 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.573321104 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.574045897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.574057102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.574067116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.574076891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.574124098 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.574860096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.574871063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.574881077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.574892044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.574901104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.574947119 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.575666904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.575678110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.575687885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.575697899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.575716972 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.575750113 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.576476097 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.576498985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.576508999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.576520920 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.576520920 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.576530933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.576556921 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.576589108 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.577383041 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.577393055 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.577408075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.577419043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.577429056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.577436924 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.577440023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.577450991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.577475071 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.578231096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.578242064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.578252077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.578262091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.578272104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.578279972 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.578282118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.578299999 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.578341961 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.579390049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.579400063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.579410076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.579417944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.579427004 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.579427958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.579438925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.579447985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.579463959 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.579494953 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.580183983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.580194950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.580205917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.580216885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.580226898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.580255032 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.602066994 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.602113962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.602127075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.602291107 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.602479935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.602492094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.602504015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.602514982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.602556944 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.602628946 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.644578934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.644594908 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.644607067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.644690037 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.644803047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.644814014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.644871950 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.645168066 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.645178080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.645190001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.645200968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.645211935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.645234108 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.645256996 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.645277977 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.645958900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.645971060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.645981073 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.645992041 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.646047115 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.646142960 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.646687984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.646699905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.646714926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.646725893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.646735907 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.646739006 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.646763086 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.647602081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.647615910 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.647629023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.647639990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.647644043 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.647650957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.647661924 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.647664070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.647687912 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.652452946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.652470112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.652487040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.652512074 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.652513027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.652524948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.652559042 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.652574062 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.657303095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.657319069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.657330036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.657340050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.657399893 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.657464027 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.665515900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.665532112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.665544033 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.665580988 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.665819883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.665832043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.665842056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.665894032 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.665949106 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.666343927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.666356087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.666367054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.666378021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.666394949 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.666421890 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.667002916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.667016029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.667025089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.667036057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.667047977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.667056084 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.667073965 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.670875072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.670892000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.670902014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.670912981 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.670922041 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.670932055 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.670933962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.670943975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.670954943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.670954943 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.670967102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.670977116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.670984983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.670991898 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.671024084 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.672182083 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.672195911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.672207117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.672218084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.672228098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.672240019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.672277927 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.672352076 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.672533035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.672544956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.672554970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.672564983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.672574997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.672585964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.672622919 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.672640085 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.673443079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.673458099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.673470020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.673479080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.673490047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.673501015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.673508883 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.673511982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.673542023 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.674326897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.674340010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.674350977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.674362898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.674374104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.674379110 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.674381018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.674391031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.674410105 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.674432993 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.675215960 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.675231934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.675240993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.675251961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.675262928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.675272942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.675281048 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.675283909 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.675306082 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.675328970 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.676095009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.676107883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.676120043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.676131010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.676142931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.676146984 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.676156044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.676166058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.676168919 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.676189899 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.676212072 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.676902056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.676914930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.676955938 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.688297987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.688313007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.688324928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.688415051 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.688504934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.688518047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.688528061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.688539982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.688575029 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.688637018 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.692007065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.692061901 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.730429888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.730447054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.730458021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.730554104 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.730700016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.730710983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.730720997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.730746984 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.730767012 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.731440067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.731452942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.731462955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.731472969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.731483936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.731486082 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.731494904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.731513977 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.731533051 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.732222080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.732234001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.732243061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.732254028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.732264042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.732265949 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.732285976 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.733144045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.733155966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.733165026 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.733176947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.733185053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.733191013 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.733196974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.733218908 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.734047890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.734060049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.734070063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.734080076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.734090090 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.734095097 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.734116077 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.734134912 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.734972954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.734986067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.734996080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.735007048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.735016108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.735018969 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.735027075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.735044003 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.735064030 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.752433062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.752450943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.752468109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.752504110 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.752686024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.752696991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.752723932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.752731085 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.752734900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.752757072 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.753454924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.753468037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.753479004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.753489971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.753500938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.753503084 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.753523111 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.753546000 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.754354000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.754368067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.754376888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.754389048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.754398108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.754399061 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.754410028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.754422903 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.754446030 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.755275965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.755290031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.755300045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.755311966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.755321026 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.755322933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.755347967 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.756196022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.756207943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.756217003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.756227016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.756237030 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.756247997 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.756251097 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.756273031 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.757128000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.757142067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.757149935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.757159948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.757170916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.757175922 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.757180929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.757205963 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.758055925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.758068085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.758078098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.758083105 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.758089066 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.758099079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.758126974 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.758168936 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.758951902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.758964062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.758972883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.758984089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.758994102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.759001970 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.759037971 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.759706020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.759718895 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.759727001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.759737968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.759747028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.759754896 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.759757996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.759766102 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.759768963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.759808064 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.760560036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.760571957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.760581017 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.760591984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.760601997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.760601997 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.760612011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.760622978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.760637999 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.760657072 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.761476040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.761488914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.761498928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.761509895 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.761521101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.761528969 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.761531115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.761545897 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.761569023 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.762249947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.762269974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.762326002 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.774847031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.774863958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.774873972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.774947882 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.775089979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.775099993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.775110006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.775171995 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.775640011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.816411972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.816473007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.816497087 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.816515923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.816529036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.816560030 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.816570997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.816581011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.816586971 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.816694021 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.817029953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.817044020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.817076921 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.817157030 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.817168951 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.817182064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.817222118 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.817516088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.817528963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.817538023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.817547083 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.817553043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.817563057 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.817564011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.817574978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.817586899 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.817609072 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.818239927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.818258047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.818269014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.818279982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.818290949 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.818304062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.818304062 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.818315983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.818320036 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.818358898 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.819173098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.819188118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.819197893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.819207907 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.819217920 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.819219112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.819230080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.819235086 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.819242001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.819252968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.819262981 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.819264889 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.819292068 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.819313049 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.820003986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.820018053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.820060015 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.838525057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.838542938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.838553905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.838748932 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.838777065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.838794947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.838804960 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.838814974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.838824987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.838963032 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.838963032 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.839462996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.839476109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.839512110 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.839818001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.839828968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.839838028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.839848042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.839857101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.839860916 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.839868069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.839879990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.839886904 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.839903116 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.840789080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.840801954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.840812922 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.840822935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.840831995 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.840838909 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.840842962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.840869904 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.841639996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.841650963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.841661930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.841671944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.841681957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.841686964 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.841692924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.841703892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.841718912 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.841739893 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.842624903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.842638969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.842652082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.842663050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.842674017 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.842675924 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.842685938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.842695951 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.842695951 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.842715025 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.843599081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.843612909 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.843622923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.843633890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.843643904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.843653917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.843656063 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.843687057 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.844572067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.844584942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.844594955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.844604969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.844614983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.844624043 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.844625950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.844636917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.844657898 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.844681978 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.844681978 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.845554113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.845566034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.845577955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.845587969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.845597982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.845606089 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.845607996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.845618963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.845643997 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.846362114 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.846374989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.846385956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.846395016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.846410990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.846415043 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.846421957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.846431971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.846441984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.846443892 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.846467018 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.847203970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.847218037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.847229004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.847239017 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.847254992 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.847337008 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.862205029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.862219095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.862230062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.862272978 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.862299919 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.863104105 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.863116980 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.863128901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.863138914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.863159895 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.863183975 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.903615952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.903633118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.903640032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.903744936 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.903809071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.903820038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.903831005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.903846979 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.903878927 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.904299974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.904311895 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.904324055 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.904335022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.904340029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.904345989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.904349089 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.904396057 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.905136108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.905150890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.905158997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.905168056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.905179024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.905184984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.905193090 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.905235052 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.906038046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.906052113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.906061888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.906071901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.906083107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.906095028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.906100035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.906110048 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.906141043 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.906934023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.906946898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.906955957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.906966925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.906976938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.906976938 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.906989098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.906994104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.907006979 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.907038927 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.907759905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.907774925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.907820940 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.925050974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.925100088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.925110102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.925175905 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.925337076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.925347090 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.925355911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.925389051 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.925411940 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.925790071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.925801992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.925812006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.925822973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.925832033 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.925832033 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.925865889 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.926959038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.926974058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.926983118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.926992893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.927005053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.927006960 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.927021980 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.927038908 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.927071095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.927081108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.927088976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.927098989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.927108049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.927109957 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.927118063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.927134037 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.927150011 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.928005934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.928018093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.928026915 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.928036928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.928046942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.928051949 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.928059101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.928066015 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.928070068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.928103924 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.928903103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.928915977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.928925037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.928935051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.928944111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.928947926 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.928955078 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.928965092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.928963900 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.928976059 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.929033041 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.929841042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.929851055 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.929861069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.929871082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.929882050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.929884911 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.929891109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.929898977 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.929900885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.929934978 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.930699110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.930710077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.930720091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.930730104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.930740118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.930746078 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.930751085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.930761099 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.930762053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.930779934 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.930798054 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.931696892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.931713104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.931725025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.931735039 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.931745052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.931751966 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.931756973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.931767941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.931771994 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.931802988 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.932533026 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.932545900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.932555914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.932566881 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.932574987 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.932578087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.932589054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.932593107 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.932599068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.932621002 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.932662010 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.933274984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.933286905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.933298111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.933309078 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.933316946 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.933321953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.933345079 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.948714018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.948730946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.948740005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.948844910 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.948942900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.948952913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.948961973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.948971033 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.948987007 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.949018002 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.949414015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.989650965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.989667892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.989679098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.989773035 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.989864111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.989875078 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.989885092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.989893913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.989938021 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.990005970 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.990087032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.990098000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.990107059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.990117073 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.990154028 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.990226984 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.990480900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.990492105 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.990504980 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.990521908 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.990766048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.990776062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.990782022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.990819931 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.991146088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.991157055 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.991166115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.991174936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.991184950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.991190910 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.991195917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.991206884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.991214037 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.991230965 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.991905928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.991915941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.991925001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.991934061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.991942883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.991951942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.991957903 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.991961002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.991971016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.991978884 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.991981030 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.992005110 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.992018938 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:49.992722034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.992733002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:49.992764950 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.011858940 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.011878014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.011941910 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.012231112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.012243032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.012254000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.012264967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.012275934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.012276888 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.012298107 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.012629032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.012639999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.012650967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.012660980 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.012670994 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.012674093 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.012684107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.012705088 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.013693094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.013703108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.013714075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.013725042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.013735056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.013740063 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.013746977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.013757944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.013768911 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.013787031 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.014230013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.014240980 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.014246941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.014251947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.014256954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.014261961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.014761925 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.015346050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.015357018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.015367031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.015377045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.015387058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.015393019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.015403032 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.015403032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.015414953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.015425920 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.015465021 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.015996933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.016009092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.016020060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.016036987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.016048908 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.016048908 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.016060114 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.016067028 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.016098022 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.016848087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.016859055 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.016870022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.016880989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.016890049 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.016891956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.016904116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.016910076 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.016916037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.016927004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.016952038 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.016978979 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.017736912 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.017750978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.017760992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.017772913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.017782927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.017791986 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.017795086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.017807007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.017810106 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.017839909 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.018615007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.018637896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.018654108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.018661022 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.018666983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.018677950 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.018687963 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.018691063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.018702030 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.018716097 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.018734932 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.019293070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.019305944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.019316912 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.019328117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.019337893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.019347906 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.019352913 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.019359112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.019371986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.019378901 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.019382000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.019397974 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.035192013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.035212040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.035223961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.035267115 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.035298109 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.035419941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.035476923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.035489082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.035500050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.035517931 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.035537004 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.076112986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.076152086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.076164007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.076292992 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.076376915 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.076387882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.076397896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.076419115 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.076435089 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.076680899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.076872110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.076880932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.076891899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.076914072 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.076927900 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.077162027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.077172995 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.077182055 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.077192068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.077208996 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.077229977 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.077573061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.077584028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.077594995 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.077629089 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.077990055 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.078005075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.078013897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.078023911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.078036070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.078038931 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.078046083 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.078056097 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.078068018 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.078088045 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.078898907 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.078912973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.078922987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.078933001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.078943014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.078948975 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.078953028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.078963995 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.078968048 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.078974009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.078991890 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.079004049 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.080048084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.080064058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.080096960 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.098511934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.098539114 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.098551989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.098562956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.098648071 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.098721981 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.098733902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.098746061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.098757982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.098814964 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.099100113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.099112988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.099123955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.099133968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.099144936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.099149942 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.099155903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.099164009 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.099181890 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.099807978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.099822998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.099833965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.099845886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.099852085 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.099857092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.099867105 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.099868059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.099879026 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.099889994 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.099895954 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.099912882 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.100691080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.100703955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.100716114 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.100728035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.100733995 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.100739956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.100749016 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.100750923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.100761890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.100775957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.100780964 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.100795031 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.101577044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.101593018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.101603985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.101614952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.101620913 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.101629019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.101634979 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.101639986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.101650953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.101661921 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.101665974 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.101681948 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.102447987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.102461100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.102472067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.102483034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.102489948 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.102493048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.102504969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.102514982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.102525949 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.102541924 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.102543116 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.102555990 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.103254080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.103267908 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.103277922 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.103288889 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.103301048 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.103307962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.103318930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.103326082 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.103329897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.103339911 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.103341103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.103365898 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.104218960 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.104234934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.104245901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.104258060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.104265928 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.104268074 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.104279995 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.104290009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.104295015 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.104300976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.104310989 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.104331017 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.105098009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.105113029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.105123043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.105134010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.105139971 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.105144978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.105158091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.105166912 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.105169058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.105180979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.105190039 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.105200052 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.105212927 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.105228901 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.121541977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.121577024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.121587992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.121711969 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.121766090 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.121776104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.121788025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.121814013 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.121963024 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.122376919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.162769079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.162792921 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.162806034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.162817955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.162831068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.162842989 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.162854910 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.162892103 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.162950039 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.165783882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.165802002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.165815115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.165842056 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.165987015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.165999889 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.166012049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.166026115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.166042089 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.166069984 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.166245937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.166256905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.166274071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.166285038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.166289091 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.166297913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.166306973 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.166333914 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.166779995 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.166791916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.166801929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.166812897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.166822910 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.166824102 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.166834116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.166845083 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.166856050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.166856050 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.166867018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.166877031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.166877031 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.166891098 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.166920900 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.167520046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.167531967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.167541981 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.167552948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.167563915 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.167563915 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.167584896 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.184602022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.184633017 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.184643984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.184658051 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.184674978 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.185271025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.185282946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.185292959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.185303926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.185314894 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.185340881 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.186906099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.186917067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.186928034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.186954021 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.187112093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.187124014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.187134027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.187154055 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.187165022 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.187510014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.187522888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.187532902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.187546015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.187557936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.187567949 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.187570095 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.187580109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.187591076 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.187607050 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.188249111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.188257933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.188273907 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.188285112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.188285112 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.188294888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.188304901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.188309908 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.188317060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.188323975 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.188327074 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.188349009 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.189112902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.189124107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.189132929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.189143896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.189152002 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.189155102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.189166069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.189172029 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.189177036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.189186096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.189189911 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.189197063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.189207077 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.189228058 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.190038919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.190049887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.190063000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.190073013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.190083027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.190093040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.190095901 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.190104008 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.190114021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.190119982 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.190124035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.190136909 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.190159082 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.190937996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.190948963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.190953970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.190963030 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.190973043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.190983057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.190989017 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.190993071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.191004038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.191004992 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.191015005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.191028118 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.191059113 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.191979885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.191992044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.192001104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.192011118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.192020893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.192030907 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.192037106 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.192039967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.192044020 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.192050934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.192056894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.192065954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.192070961 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.192097902 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.192106009 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.192514896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.192527056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.192537069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.192562103 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.208214998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.208225012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.208235979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.208283901 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.208302975 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.208348036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.208394051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.208404064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.208415031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.208431005 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.208456039 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.248656034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.248693943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.248704910 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.248733997 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.248804092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.248815060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.248847008 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.249012947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.249025106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.249036074 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.249083042 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.249083042 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.252151012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.252217054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.252229929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.252258062 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.252521038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.252533913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.252557993 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.252629995 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.252644062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.252655029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.252669096 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.252691031 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.252976894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.252990007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.253000975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.253012896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.253025055 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.253025055 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.253036976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.253048897 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.253067017 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.253698111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.253714085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.253726006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.253739119 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.253747940 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.253750086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.253762007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.253772020 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.253774881 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.253787041 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.253794909 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.253799915 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.253820896 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.254492044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.254506111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.254518986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.254532099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.254539013 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.254553080 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.271003962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.271058083 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.271066904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.271079063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.271107912 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.271445990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.271456957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.271467924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.271478891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.271488905 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.271518946 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.272046089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.272126913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.272138119 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.272166014 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.272516012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.272527933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.272537947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.272548914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.272557974 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.272581100 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.272739887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.272751093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.272762060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.272774935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.272783995 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.272792101 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.273212910 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.273225069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.273235083 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.273245096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.273253918 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.273255110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.273266077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.273277044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.273278952 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.273287058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.273294926 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.273317099 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.274136066 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.274148941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.274158955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.274168968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.274178982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.274188995 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.274189949 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.274188995 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.274200916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.274211884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.274219990 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.274223089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.274231911 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.274235010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.274260044 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.275002956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.275021076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.275031090 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.275043964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.275048018 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.275054932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.275065899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.275073051 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.275075912 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.275087118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.275094986 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.275098085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.275109053 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.275134087 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.275989056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.276000977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.276010036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.276020050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.276030064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.276041985 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.276042938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.276051998 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.276052952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.276063919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.276073933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.276083946 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.276099920 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.276890039 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.276906013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.276916027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.276927948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.276932001 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.276937962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.276948929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.276953936 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.276959896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.276971102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.276974916 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.276982069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.276993990 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.277021885 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.277745008 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.277759075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.277769089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.277780056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.277790070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.277791977 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.277801037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.277812958 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.277852058 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.286127090 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.294523001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.294555902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.294565916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.294600964 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.294735909 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.294748068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.294758081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.294769049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.294778109 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.294800043 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.295078039 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.295120001 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.335400105 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.335438013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.335479975 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.335503101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.335516930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.335555077 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.335741043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.335752964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.335791111 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.335896015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.338526964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.338584900 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.338608980 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.338619947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.338659048 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.338812113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.338823080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.338831902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.338855028 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.339097977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.339112043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.339142084 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.339350939 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.339360952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.339370966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.339381933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.339391947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.339396954 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.339404106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.339425087 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.340101957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.340118885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.340130091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.340141058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.340153933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.340153933 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.340166092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.340167999 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.340177059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.340188026 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.340202093 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.340219021 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.340833902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.340847015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.340856075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.340866089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.340876102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.340878963 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.340900898 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.340919971 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.357952118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.357990980 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.358002901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.358115911 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.358326912 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.358339071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.358350039 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.358361006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.358392954 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.358551979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.358602047 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.358656883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.358668089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.358707905 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.358865023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.358875990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.358885050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.358895063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.358907938 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.358932018 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.359297037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.359308958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.359318972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.359328985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.359338045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.359342098 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.359349012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.359368086 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.359380960 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.359858036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.359868050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.359878063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.359900951 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.359910965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.359920979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.359931946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.359941959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.359949112 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.359951019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.359961987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.359972000 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.359992027 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.360841990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.360855103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.360865116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.360874891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.360884905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.360887051 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.360893965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.360905886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.360914946 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.360915899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.360954046 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.361689091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.361705065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.361713886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.361723900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.361732960 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.361741066 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.361742973 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.361752987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.361757994 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.361764908 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.361773968 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.361776114 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.361785889 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.361799002 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.361824989 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.362576962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.362591028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.362600088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.362610102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.362620115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.362626076 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.362632036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.362641096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.362643957 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.362651110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.362658024 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.362660885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.362694979 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.363607883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.363627911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.363640070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.363653898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.363665104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.363672972 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.363677979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.363688946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.363697052 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.363699913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.363712072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.363720894 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.363745928 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.364295959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.364309072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.364320040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.364331961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.364341974 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.364357948 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.381352901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.381381035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.381391048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.381426096 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.381443977 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.381596088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.381608009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.381661892 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.381728888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.381740093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.381772041 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.421838045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.421870947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.421883106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.421967983 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.421988010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.422024012 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.422039032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.422050953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.422086000 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.422286987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.424978971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.425030947 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.425034046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.425048113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.425081015 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.425209045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.425221920 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.425265074 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.425421000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.425431013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.425441027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.425451040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.425462008 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.425462961 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.425493956 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.425872087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.425884008 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.425889969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.425920963 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.425947905 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.426096916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.426362038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.426372051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.426382065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.426392078 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.426402092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.426408052 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.426412106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.426422119 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.426431894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.426440954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.426444054 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.426450968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.426465034 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.426485062 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.427072048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.427083015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.427093029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.427103043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.427109957 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.427112103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.427139044 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.427164078 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.444365978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.444453001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.444466114 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.444508076 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.444564104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.444576979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.444586992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.444608927 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.444633007 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.444794893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.445162058 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.445209026 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.445235014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.445246935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.445293903 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.445451975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.445463896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.445492029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.445502996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.445511103 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.445538044 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.445822001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.445833921 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.445843935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.445874929 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.446190119 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.446201086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.446211100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.446221113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.446232080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.446238995 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.446242094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.446252108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.446263075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.446264982 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.446285009 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.446993113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.447006941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.447016954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.447026968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.447036982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.447040081 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.447047949 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.447057962 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.447060108 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.447071075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.447082043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.447087049 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.447093010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.447105885 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.447127104 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.447932005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.447945118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.447957039 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.447968006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.447983027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.447987080 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.447993040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.448003054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.448009014 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.448013067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.448021889 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.448033094 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.448033094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.448044062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.448054075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.448055983 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.448091030 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.448888063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.448898077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.448909998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.448920012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.448930025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.448935032 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.448939085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.448949099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.448959112 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.448960066 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.448968887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.448980093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.448991060 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.449008942 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.449804068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.449814081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.449822903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.449831963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.449841976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.449851036 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.449853897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.449866056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.449873924 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.449877024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.449889898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.449899912 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.449908972 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.449939013 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.450632095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.450644016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.450679064 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.467689037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.467725039 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.467736006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.467856884 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.468175888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.468187094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.468198061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.468206882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.468216896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.468226910 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.468252897 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.508378029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.508414030 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.508425951 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.508476973 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.508507013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.508512974 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.508582115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.508591890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.508603096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.508611917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.508619070 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.508636951 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.511665106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.511703014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.511714935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.511723995 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.511749983 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.511917114 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.511929035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.511939049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.511950016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.511974096 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.512000084 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.512367010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.512379885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.512392044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.512403011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.512413979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.512424946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.512427092 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.512437105 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.512455940 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.513159037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.513173103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.513184071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.513195038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.513206005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.513211012 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.513217926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.513226986 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.513228893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.513240099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.513252020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.513257980 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.513262987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.513299942 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.514303923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.514322042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.514336109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.514360905 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.514384985 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.530875921 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.530945063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.530956030 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.531121969 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.531496048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.531507015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.531517029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.531527996 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.531573057 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.531666994 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.531707048 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.531749964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.531759977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.531794071 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.531956911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.531966925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.531972885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.532006979 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.532318115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.532327890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.532334089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.532346010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.532356977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.532366991 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.532367945 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.532386065 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.532852888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.532862902 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.532871962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.532876968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.532886982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.532902956 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.532917976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.532928944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.532934904 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.532939911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.532949924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.532959938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.532974005 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.533004999 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.533888102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.533901930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.533911943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.533921957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.533931971 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.533931971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.533942938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.533951044 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.533953905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.533963919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.533973932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.533983946 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.533987999 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.533993959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.534009933 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.534025908 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.534682035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.534801960 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.534811974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.534822941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.534832954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.534840107 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.534842968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.534852982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.534861088 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.534863949 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.534874916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.534883976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.534898043 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.534909964 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.535767078 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.535778046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.535787106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.535797119 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.535806894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.535816908 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.535832882 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.535836935 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.535842896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.535856009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.535865068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.535896063 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.535896063 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.536679029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.536689043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.536698103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.536705971 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.536708117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.536719084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.536729097 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.536730051 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.536739111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.536748886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.536758900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.536762953 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.536780119 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.555197001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.555227995 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.555238962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.555289030 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.556021929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.556032896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.556042910 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.556051016 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.556056023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.556101084 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.594827890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.594863892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.594875097 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.594993114 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.595043898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.595093966 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.595144033 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.595155954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.595165968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.595189095 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.598664045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.598732948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.598735094 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.598743916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.598776102 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.598922014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.598932981 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.598973989 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.599142075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.599152088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.599162102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.599170923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.599181890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.599189043 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.599208117 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.599662066 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.599670887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.599680901 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.599690914 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.599700928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.599710941 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.599714994 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.599723101 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.599725008 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.599750042 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.600450993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.600461006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.600471020 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.600492954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.600497007 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.600508928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.600514889 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.600518942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.600529909 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.600538969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.600543976 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.600550890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.600563049 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.600588083 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.617611885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.617650032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.617660999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.617793083 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.617850065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.617860079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.617872000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.617882967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.617887974 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.617923021 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.618323088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.618366003 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.618396044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.618406057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.618443966 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.618592024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.618602991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.618613005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.618623972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.618638992 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.618659019 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.619013071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.619158983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.619168997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.619179010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.619188070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.619194031 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.619199038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.619209051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.619216919 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.619220972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.619231939 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.619244099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.619247913 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.619271994 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.620043039 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.620054007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.620064974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.620074034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.620084047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.620094061 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.620104074 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.620111942 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.620145082 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.620671034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.620682955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.620693922 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.620702982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.620707035 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.620714903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.620724916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.620734930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.620737076 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.620745897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.620757103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.620764017 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.620767117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.620805025 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.621604919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.621617079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.621627092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.621637106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.621646881 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.621650934 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.621658087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.621668100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.621671915 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.621679068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.621690035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.621690989 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.621700048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.621709108 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.621731997 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.622431993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.622442961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.622452974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.622463942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.622474909 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.622477055 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.622490883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.622500896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.622507095 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.622514009 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.622524023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.622529030 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.622534990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.622586966 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.622642994 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.623410940 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.623423100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.623434067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.623445034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.623450994 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.623456955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.623470068 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.623476028 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.623480082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.623507977 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.623521090 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.641814947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.641887903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.641899109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.642057896 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.642102003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.642112970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.642122984 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.642185926 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.642318010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.681303024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.681335926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.681345940 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.681401014 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.681457043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.681476116 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.681489944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.681503057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.681586027 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.681684971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.681694031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.681756020 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.684782028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.684842110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.684851885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.684859991 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.684923887 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.685055971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.685066938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.685076952 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.685087919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.685148001 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.685367107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.685378075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.685388088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.685398102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.685409069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.685411930 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.685420990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.685432911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.685436964 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.685457945 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.685888052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.685898066 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.685908079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.685918093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.685930014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.685935020 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.685942888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.685955048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.685967922 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.685992956 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.686395884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.686407089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.686418056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.686428070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.686439037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.686450005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.686460018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.686464071 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.686464071 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.686490059 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.704288006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.704343081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.704354048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.704374075 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.704437971 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.705255985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.709124088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.709135056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.709208965 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.714091063 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.714113951 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.714121103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.714133024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.714145899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.714220047 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.718903065 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.718916893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.718956947 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.718997955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.719012022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.719044924 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.723706007 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.723717928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.723768950 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.723856926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.723869085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.723879099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.723901033 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.728563070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.728574991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.728627920 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.728667974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.728678942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.728691101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.728704929 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.728734016 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.733319044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.733330965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.733429909 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.733433008 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.733443975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.733498096 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.738063097 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.738075972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.738152027 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.738166094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.738178968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.738239050 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.742779016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.742784977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.742794991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.742873907 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.742880106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.742889881 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.743084908 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.747478962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.747492075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.747560024 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.747687101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.747699022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.747709036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.747761011 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.747823954 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.752228022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.752239943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.752311945 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.752415895 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.752428055 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.752485037 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.756973028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.756985903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.757061005 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.757201910 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.757214069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.757286072 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.761718988 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.761732101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.761742115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.761805058 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.761897087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.761950016 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.761959076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.766494036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.766505003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.766577005 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.766630888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.766643047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.766709089 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.771275043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.771289110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.771300077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.771338940 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.771361113 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.771400928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.771413088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.771454096 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.776043892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.776057959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.776106119 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.776135921 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.776149035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.776158094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.776180029 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.780831099 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.780844927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.780910015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.780921936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.780929089 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.781019926 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.785599947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.785613060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.785623074 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.785701990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.785701990 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.785713911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.785778046 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.790379047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.790396929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.790414095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.790430069 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.790440083 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.790477037 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.790544033 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.795106888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.795120001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.795192957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.795202017 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.795205116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.795216084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.795278072 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.799840927 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.799853086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.799918890 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.799962044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.799973965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.800035000 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.804604053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.804616928 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.804626942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.804693937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.804694891 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.804708004 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.804768085 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.809314966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.809328079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.809385061 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.809391022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.809402943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.809413910 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.809425116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.809433937 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.809462070 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.814040899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.814054012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.814122915 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.814132929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.814145088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.814214945 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.818772078 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.818789959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.818803072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.818824053 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.818849087 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.818876028 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.818902969 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.818918943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.818953037 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.823487997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.823499918 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.823542118 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.823604107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.823615074 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.823649883 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.828253031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.828265905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.828275919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.828344107 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.828351021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.828362942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.828418970 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.833014011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.833026886 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.833093882 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.833106041 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.833118916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.833187103 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.837765932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.837778091 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.837788105 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.837847948 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.837862968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.837874889 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.837883949 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.837940931 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.842475891 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.842487097 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.842556000 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.842577934 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.842591047 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.842602968 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.842644930 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.847330093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.847409964 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.847418070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.847429991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.847439051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.847529888 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.847594976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.847657919 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.852150917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.852161884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.852171898 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.852243900 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.852343082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.852354050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.852406979 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.856908083 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.856920958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.856991053 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.857044935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.857054949 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.857391119 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.861649036 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.861660957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.861670971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.861742020 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.861778975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.861792088 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.861803055 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.861979008 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.866398096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.866410017 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.866482973 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.866497993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.866508961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.866573095 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.871177912 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.871196032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.871272087 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.871390104 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.871402025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.871411085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.871433020 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.871458054 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.875905037 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.875916958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.875967979 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.876023054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.876049042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.876085997 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.880675077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.880686998 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.880697012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.880744934 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.880795956 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.880806923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.880841970 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.885379076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.885390997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.885481119 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.885524035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.885535955 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.885600090 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.890110970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.890122890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.890132904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.890142918 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.890173912 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.890182972 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.890222073 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.890233040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.890261889 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.894943953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.894954920 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.894964933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.894974947 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.894984961 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.894989014 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.894996881 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.895008087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.895018101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.895028114 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.895037889 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.895040035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.895049095 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.895073891 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.895294905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.895306110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.895342112 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.895409107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.895420074 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.895428896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.895440102 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.895451069 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.895452976 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.895464897 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.895474911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.895479918 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.895498991 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.895519018 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.896260023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.896270990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.896280050 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.896290064 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.896301985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.896307945 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.896313906 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.896322966 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.896333933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.896342993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.896353006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.896354914 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.896363974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.896382093 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.896398067 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.897233963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.897245884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.897257090 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.897265911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.897277117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.897284985 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.897289038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.897299051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.897308111 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.897310972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.897321939 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.897331953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.897334099 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.897341967 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.897353888 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.897380114 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.898166895 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.898178101 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.898186922 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.898199081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.898209095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.898219109 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.898224115 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.898228884 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.898230076 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.898241043 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.898251057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.898252010 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.898262024 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.898278952 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.898298025 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.899120092 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.899132013 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.899139881 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.899149895 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.899159908 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.899171114 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.899171114 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.899182081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.899193048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.899194002 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.899203062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.899209023 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.899213076 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.899223089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.899230957 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.899252892 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.900049925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.900059938 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.900068045 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.900079012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.900089025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.900099993 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.900100946 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.900110006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.900120974 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.900122881 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.900130987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.900141954 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.900152922 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.900162935 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.900166988 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.900186062 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.901046038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.901057005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.901063919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.901073933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.901084900 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.901093006 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.901094913 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.901106119 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.901115894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.901123047 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.901127100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.901137114 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.901146889 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.901149035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.901159048 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.901186943 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.901937962 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.901947975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.901957035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.901968002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.901976109 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.901978970 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.901988983 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.901998997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.902000904 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.902009964 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.902019978 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.902020931 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.902030945 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.902040958 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.902048111 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.902067900 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.902623892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.902636051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.902643919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.902656078 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.902668953 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.902698994 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.902738094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.902750015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.902762890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.902774096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.902781963 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.902786016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.902797937 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.902806044 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.902808905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.902817011 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.902822018 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.902833939 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.902848005 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.902879953 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.903644085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.903655052 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.903666019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.903676987 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.903687000 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.903693914 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.903701067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.903712034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.903712034 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.903723001 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.903734922 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.903739929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.903752089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.903764963 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.903773069 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.903804064 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.941694975 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.941756010 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.941765070 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.941787004 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.941881895 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.941950083 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.941960096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.941970110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.941981077 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.942023039 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.942082882 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.945353985 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.945420027 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.945430040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.945486069 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.945620060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.945630074 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.945717096 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.945746899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.945792913 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.945825100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.945837021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.945847034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.945859909 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.945873022 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.945907116 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.946191072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.946403980 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.946413994 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.946423054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.946433067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.946444035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.946453094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.946464062 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.946474075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.946484089 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.946489096 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.946495056 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.946528912 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.947205067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.947215080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.947225094 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.947235107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.947244883 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.947254896 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.947267056 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.947288036 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.963824034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.963886023 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.963891029 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.964050055 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.964062929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.964072943 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.964082003 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.964092016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.964104891 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.964134932 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.964608908 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.964656115 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.964664936 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.964690924 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.965128899 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.965137959 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.965147972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.965157032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.965163946 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.965167999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.965188980 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.965219021 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.965313911 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.965322971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.965337992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.965348005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.965358019 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.965361118 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.965368032 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.965383053 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.965409040 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.965848923 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.965859890 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.965869904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.965879917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.965888977 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.965899944 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.965910912 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.965913057 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.965920925 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.965930939 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.965939999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.965940952 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.965949059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.965955973 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.965986967 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.966730118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.966739893 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.966748953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.966757059 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.966767073 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.966766119 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.966778040 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.966787100 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.966797113 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.966804981 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.966809034 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.966819048 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.966830015 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.966830969 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.966850996 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.966867924 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.967607021 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.967617035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.967624903 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.967634916 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.967644930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.967653990 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.967653036 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.967664957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.967675924 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.967684031 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.967686892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.967696905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.967705965 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.967708111 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.967715979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.967721939 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.967742920 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.968466997 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.968476057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.968497038 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.968504906 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.968516111 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.968523979 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.968527079 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.968533039 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.968543053 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.968553066 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.968556881 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.968563080 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.968573093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.968578100 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.968583107 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.968599081 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.968619108 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.969321012 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.969332933 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.969346046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.969357014 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.969361067 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.969369888 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.969378948 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.969387054 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.969418049 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.987926006 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.988115072 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.988125086 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.988194942 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.988199949 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.988205910 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.988210917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:50.988230944 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:50.988331079 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.028361082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.028516054 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.028528929 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.028597116 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.028606892 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.028619051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.028631926 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.028753996 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.031692982 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.031750917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.031761885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.031790018 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.031891108 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.031955957 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.031965971 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.031975031 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.031985044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.032022953 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.032082081 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.032282114 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.032293081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.032299042 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.032329082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.032339096 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.032340050 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.032349110 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.032358885 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.032371998 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.032392025 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.033070087 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.033082008 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.033092022 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.033101082 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.033112049 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.033118010 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.033123016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.033133030 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.033137083 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.033143044 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.033153057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.033158064 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.033163071 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.033173084 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.033180952 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.033217907 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.033776999 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.033788919 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.033807039 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.033830881 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.050301075 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.050357103 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.050367117 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.050461054 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.050515890 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.050569057 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.050580025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.050589085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.050599098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.050657988 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.050925016 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.051017046 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.051026106 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.051062107 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.051167011 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.051213026 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.051217079 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.051227093 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.051238060 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.051265001 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.051554918 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.051564932 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.051573992 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.051584005 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.051597118 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.051599979 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.051606894 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.051615953 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.051630974 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.051652908 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.052141905 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.052151918 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.052160025 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.052169085 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.052179098 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.052187920 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.052194118 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.052198887 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.052216053 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.052236080 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.052659035 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.052670002 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.052707911 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.052869081 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.052879095 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.052887917 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.052897930 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.052911043 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.052913904 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.052923918 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.052932978 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.052933931 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.052942991 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.052952051 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.052957058 CEST4972680192.168.2.8104.16.149.130
                                                  Jul 22, 2024 12:50:51.052963972 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.052973986 CEST8049726104.16.149.130192.168.2.8
                                                  Jul 22, 2024 12:50:51.052978039 CEST4972680192.168.2.8104.16.149.130

                                                  DNS Queries

                                                  TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                  Jul 22, 2024 12:50:19.875780106 CEST192.168.2.81.1.1.10xd186Standard query (0)offers.filezilla-project.orgA (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:50:30.174447060 CEST192.168.2.81.1.1.10x5815Standard query (0)webcompanion.comA (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:50:40.686551094 CEST192.168.2.81.1.1.10xbff6Standard query (0)flow.lavasoft.comA (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:50:42.930823088 CEST192.168.2.81.1.1.10x3b68Standard query (0)wc-update-service.lavasoft.comA (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:50:43.714524984 CEST192.168.2.81.1.1.10x9182Standard query (0)wcdownloadercdn.lavasoft.comA (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:50:57.052108049 CEST192.168.2.81.1.1.10xbae9Standard query (0)rt.webcompanion.comA (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:51:38.610642910 CEST192.168.2.81.1.1.10xd1Standard query (0)acs.lavasoft.comA (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:51:39.377999067 CEST192.168.2.81.1.1.10x3a75Standard query (0)acscdn.lavasoft.comA (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:51:47.097862959 CEST192.168.2.81.1.1.10x2e61Standard query (0)rt.webcompanion.comA (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:51:48.148468018 CEST192.168.2.81.1.1.10x8fe8Standard query (0)wc-partners.lavasoft.comA (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:51:49.250149012 CEST192.168.2.81.1.1.10x89f9Standard query (0)flow.lavasoft.comA (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:51:51.358628988 CEST192.168.2.81.1.1.10x5c1eStandard query (0)ocsp.entrust.netA (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:51:55.395607948 CEST192.168.2.81.1.1.10xe808Standard query (0)wsgeoip.lavasoft.comA (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:52:08.845482111 CEST192.168.2.81.1.1.10x7437Standard query (0)flow.lavasoft.comA (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:53:27.372061968 CEST192.168.2.81.1.1.10x6b6dStandard query (0)rt.webcompanion.comA (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:53:29.122575045 CEST192.168.2.81.1.1.10x63b8Standard query (0)sg-bitmask.adaware.comA (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:53:31.123948097 CEST192.168.2.81.1.1.10x677fStandard query (0)webcompanion.comA (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:53:34.197746992 CEST192.168.2.81.1.1.10x3c2eStandard query (0)www.google.comA (IP address)IN (0x0001)false

                                                  DNS Answers

                                                  TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                  Jul 22, 2024 12:50:19.890325069 CEST1.1.1.1192.168.2.80xd186No error (0)offers.filezilla-project.orgfilezilla-project.orgCNAME (Canonical name)IN (0x0001)false
                                                  Jul 22, 2024 12:50:19.890325069 CEST1.1.1.1192.168.2.80xd186No error (0)filezilla-project.org49.12.121.47A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:50:30.182357073 CEST1.1.1.1192.168.2.80x5815No error (0)webcompanion.com104.19.208.152A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:50:30.182357073 CEST1.1.1.1192.168.2.80x5815No error (0)webcompanion.com104.19.159.224A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:50:31.185458899 CEST1.1.1.1192.168.2.80x7b3fNo error (0)bg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:50:31.185458899 CEST1.1.1.1192.168.2.80x7b3fNo error (0)bg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:50:40.694802046 CEST1.1.1.1192.168.2.80xbff6No error (0)flow.lavasoft.com104.16.148.130A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:50:40.694802046 CEST1.1.1.1192.168.2.80xbff6No error (0)flow.lavasoft.com104.16.149.130A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:50:42.939054966 CEST1.1.1.1192.168.2.80x3b68No error (0)wc-update-service.lavasoft.com64.18.87.82A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:50:42.939054966 CEST1.1.1.1192.168.2.80x3b68No error (0)wc-update-service.lavasoft.com64.18.87.81A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:50:43.726104021 CEST1.1.1.1192.168.2.80x9182No error (0)wcdownloadercdn.lavasoft.com104.16.149.130A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:50:43.726104021 CEST1.1.1.1192.168.2.80x9182No error (0)wcdownloadercdn.lavasoft.com104.16.148.130A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:50:57.060820103 CEST1.1.1.1192.168.2.80xbae9No error (0)rt.webcompanion.com104.19.159.224A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:50:57.060820103 CEST1.1.1.1192.168.2.80xbae9No error (0)rt.webcompanion.com104.19.208.152A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:51:38.623703003 CEST1.1.1.1192.168.2.80xd1No error (0)acs.lavasoft.com104.16.149.130A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:51:38.623703003 CEST1.1.1.1192.168.2.80xd1No error (0)acs.lavasoft.com104.16.148.130A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:51:39.387841940 CEST1.1.1.1192.168.2.80x3a75No error (0)acscdn.lavasoft.com104.16.149.130A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:51:39.387841940 CEST1.1.1.1192.168.2.80x3a75No error (0)acscdn.lavasoft.com104.16.148.130A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:51:47.106110096 CEST1.1.1.1192.168.2.80x2e61No error (0)rt.webcompanion.com104.19.159.224A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:51:47.106110096 CEST1.1.1.1192.168.2.80x2e61No error (0)rt.webcompanion.com104.19.208.152A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:51:48.167033911 CEST1.1.1.1192.168.2.80x8fe8No error (0)wc-partners.lavasoft.com64.18.87.82A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:51:48.167033911 CEST1.1.1.1192.168.2.80x8fe8No error (0)wc-partners.lavasoft.com64.18.87.81A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:51:49.262392998 CEST1.1.1.1192.168.2.80x89f9No error (0)flow.lavasoft.com104.16.149.130A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:51:49.262392998 CEST1.1.1.1192.168.2.80x89f9No error (0)flow.lavasoft.com104.16.148.130A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:51:51.368125916 CEST1.1.1.1192.168.2.80x5c1eNo error (0)ocsp.entrust.netocsp.entrust.net.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                  Jul 22, 2024 12:51:55.405318022 CEST1.1.1.1192.168.2.80xe808No error (0)wsgeoip.lavasoft.com64.18.87.4A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:52:08.854084969 CEST1.1.1.1192.168.2.80x7437No error (0)flow.lavasoft.com104.16.149.130A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:52:08.854084969 CEST1.1.1.1192.168.2.80x7437No error (0)flow.lavasoft.com104.16.148.130A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:53:27.380992889 CEST1.1.1.1192.168.2.80x6b6dNo error (0)rt.webcompanion.com104.19.159.224A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:53:27.380992889 CEST1.1.1.1192.168.2.80x6b6dNo error (0)rt.webcompanion.com104.19.208.152A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:53:29.133460045 CEST1.1.1.1192.168.2.80x63b8No error (0)sg-bitmask.adaware.com104.16.213.94A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:53:29.133460045 CEST1.1.1.1192.168.2.80x63b8No error (0)sg-bitmask.adaware.com104.16.212.94A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:53:31.135698080 CEST1.1.1.1192.168.2.80x677fNo error (0)webcompanion.com104.19.159.224A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:53:31.135698080 CEST1.1.1.1192.168.2.80x677fNo error (0)webcompanion.com104.19.208.152A (IP address)IN (0x0001)false
                                                  Jul 22, 2024 12:53:34.205147028 CEST1.1.1.1192.168.2.80x3c2eNo error (0)www.google.com172.217.18.4A (IP address)IN (0x0001)false

                                                  HTTP Packets

                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  0192.168.2.849720104.16.148.130804648C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  TimestampBytes transferredDirectionData
                                                  Jul 22, 2024 12:50:40.710808992 CEST186OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 538
                                                  Connection: Keep-Alive
                                                  Jul 22, 2024 12:50:40.715789080 CEST538OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 4d 61 63 68 69 6e 65 49 64 22 3a 22 66 64 64 34 32 65 65 31 2d 38 38 65 39 2d 33 31 34 33 2d 37 66 34 66 2d 62 65 32 63 30 39 36 31 31 36 39 38 22 2c 22 49 6e 73 74 61 6c 6c 49 64 22 3a 22 62 38 65 31 64 30 62 30
                                                  Data Ascii: {"Data": {"MachineId":"fdd42ee1-88e9-3143-7f4f-be2c09611698","InstallId":"b8e1d0b0-b148-462d-8284-94ec0745b3b4","Version":"9.1.0.993","OsVersion":"Microsoft Windows 10 Pro","OsBit":"64","PartnerID":"FZ210427","CampaignID":null,"LanguageIso2":n
                                                  Jul 22, 2024 12:50:41.232688904 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:50:41 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72df0719931835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:50:41.261960030 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 413
                                                  Jul 22, 2024 12:50:41.266940117 CEST413OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 4d 61 63 68 69 6e 65 49 64 22 3a 22 66 64 64 34 32 65 65 31 2d 38 38 65 39 2d 33 31 34 33 2d 37 66 34 66 2d 62 65 32 63 30 39 36 31 31 36 39 38 22 2c 22 49 6e 73 74 61 6c 6c 49 64 22 3a 22 62 38 65 31 64 30 62 30
                                                  Data Ascii: {"Data": {"MachineId":"fdd42ee1-88e9-3143-7f4f-be2c09611698","InstallId":"b8e1d0b0-b148-462d-8284-94ec0745b3b4","Version":"9.1.0.993","OsVersion":"Microsoft Windows 10 Pro","OsBit":"64","PartnerID":"FZ210427","CampaignID":null,"LanguageIso2":n
                                                  Jul 22, 2024 12:50:41.392436028 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:50:41 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72df083a101835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:50:41.401196957 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 419
                                                  Jul 22, 2024 12:50:41.406202078 CEST419OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 4d 61 63 68 69 6e 65 49 64 22 3a 22 66 64 64 34 32 65 65 31 2d 38 38 65 39 2d 33 31 34 33 2d 37 66 34 66 2d 62 65 32 63 30 39 36 31 31 36 39 38 22 2c 22 49 6e 73 74 61 6c 6c 49 64 22 3a 22 62 38 65 31 64 30 62 30
                                                  Data Ascii: {"Data": {"MachineId":"fdd42ee1-88e9-3143-7f4f-be2c09611698","InstallId":"b8e1d0b0-b148-462d-8284-94ec0745b3b4","Version":"9.1.0.993","OsVersion":"Microsoft Windows 10 Pro","OsBit":"64","PartnerID":"FZ210427","CampaignID":null,"LanguageIso2":n
                                                  Jul 22, 2024 12:50:41.639314890 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:50:41 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72df091a8a1835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:50:41.657022953 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 397
                                                  Jul 22, 2024 12:50:41.662017107 CEST397OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 4d 61 63 68 69 6e 65 49 64 22 3a 22 66 64 64 34 32 65 65 31 2d 38 38 65 39 2d 33 31 34 33 2d 37 66 34 66 2d 62 65 32 63 30 39 36 31 31 36 39 38 22 2c 22 49 6e 73 74 61 6c 6c 49 64 22 3a 22 62 38 65 31 64 30 62 30
                                                  Data Ascii: {"Data": {"MachineId":"fdd42ee1-88e9-3143-7f4f-be2c09611698","InstallId":"b8e1d0b0-b148-462d-8284-94ec0745b3b4","Version":"9.1.0.993","OsVersion":"Microsoft Windows 10 Pro","OsBit":"64","PartnerID":"FZ210427","CampaignID":null,"LanguageIso2":n
                                                  Jul 22, 2024 12:50:41.784491062 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:50:41 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72df0aab691835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:50:41.805897951 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 389
                                                  Jul 22, 2024 12:50:41.812074900 CEST389OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 4d 61 63 68 69 6e 65 49 64 22 3a 22 66 64 64 34 32 65 65 31 2d 38 38 65 39 2d 33 31 34 33 2d 37 66 34 66 2d 62 65 32 63 30 39 36 31 31 36 39 38 22 2c 22 49 6e 73 74 61 6c 6c 49 64 22 3a 22 62 38 65 31 64 30 62 30
                                                  Data Ascii: {"Data": {"MachineId":"fdd42ee1-88e9-3143-7f4f-be2c09611698","InstallId":"b8e1d0b0-b148-462d-8284-94ec0745b3b4","Version":"9.1.0.993","OsVersion":"Microsoft Windows 10 Pro","OsBit":"64","PartnerID":"FZ210427","CampaignID":null,"LanguageIso2":n
                                                  Jul 22, 2024 12:50:41.975637913 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:50:41 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72df0b9bdd1835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:50:41.984899044 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 391
                                                  Jul 22, 2024 12:50:41.989769936 CEST391OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 4d 61 63 68 69 6e 65 49 64 22 3a 22 66 64 64 34 32 65 65 31 2d 38 38 65 39 2d 33 31 34 33 2d 37 66 34 66 2d 62 65 32 63 30 39 36 31 31 36 39 38 22 2c 22 49 6e 73 74 61 6c 6c 49 64 22 3a 22 62 38 65 31 64 30 62 30
                                                  Data Ascii: {"Data": {"MachineId":"fdd42ee1-88e9-3143-7f4f-be2c09611698","InstallId":"b8e1d0b0-b148-462d-8284-94ec0745b3b4","Version":"9.1.0.993","OsVersion":"Microsoft Windows 10 Pro","OsBit":"64","PartnerID":"FZ210427","CampaignID":null,"LanguageIso2":n
                                                  Jul 22, 2024 12:50:42.151127100 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:50:42 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72df0cbc621835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:50:42.160337925 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 406
                                                  Jul 22, 2024 12:50:42.165294886 CEST406OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 4d 61 63 68 69 6e 65 49 64 22 3a 22 66 64 64 34 32 65 65 31 2d 38 38 65 39 2d 33 31 34 33 2d 37 66 34 66 2d 62 65 32 63 30 39 36 31 31 36 39 38 22 2c 22 49 6e 73 74 61 6c 6c 49 64 22 3a 22 62 38 65 31 64 30 62 30
                                                  Data Ascii: {"Data": {"MachineId":"fdd42ee1-88e9-3143-7f4f-be2c09611698","InstallId":"b8e1d0b0-b148-462d-8284-94ec0745b3b4","Version":"9.1.0.993","OsVersion":"Microsoft Windows 10 Pro","OsBit":"64","PartnerID":"FZ210427","CampaignID":null,"LanguageIso2":n
                                                  Jul 22, 2024 12:50:42.327850103 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:50:42 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72df0ddcf31835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:50:42.349273920 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 422
                                                  Jul 22, 2024 12:50:42.354393959 CEST422OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 4d 61 63 68 69 6e 65 49 64 22 3a 22 66 64 64 34 32 65 65 31 2d 38 38 65 39 2d 33 31 34 33 2d 37 66 34 66 2d 62 65 32 63 30 39 36 31 31 36 39 38 22 2c 22 49 6e 73 74 61 6c 6c 49 64 22 3a 22 62 38 65 31 64 30 62 30
                                                  Data Ascii: {"Data": {"MachineId":"fdd42ee1-88e9-3143-7f4f-be2c09611698","InstallId":"b8e1d0b0-b148-462d-8284-94ec0745b3b4","Version":"9.1.0.993","OsVersion":"Microsoft Windows 10 Pro","OsBit":"64","PartnerID":"FZ210427","CampaignID":null,"LanguageIso2":n
                                                  Jul 22, 2024 12:50:42.520427942 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:50:42 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72df0efdca1835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:50:53.147175074 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 448
                                                  Jul 22, 2024 12:50:53.152350903 CEST448OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 4d 61 63 68 69 6e 65 49 64 22 3a 22 66 64 64 34 32 65 65 31 2d 38 38 65 39 2d 33 31 34 33 2d 37 66 34 66 2d 62 65 32 63 30 39 36 31 31 36 39 38 22 2c 22 49 6e 73 74 61 6c 6c 49 64 22 3a 22 62 38 65 31 64 30 62 30
                                                  Data Ascii: {"Data": {"MachineId":"fdd42ee1-88e9-3143-7f4f-be2c09611698","InstallId":"b8e1d0b0-b148-462d-8284-94ec0745b3b4","Version":"9.1.0.993","OsVersion":"Microsoft Windows 10 Pro","OsBit":"64","PartnerID":"FZ210427","CampaignID":null,"LanguageIso2":n
                                                  Jul 22, 2024 12:50:53.325208902 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:50:53 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72df527c801835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:50:55.949902058 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 422
                                                  Jul 22, 2024 12:50:55.955705881 CEST422OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 4d 61 63 68 69 6e 65 49 64 22 3a 22 66 64 64 34 32 65 65 31 2d 38 38 65 39 2d 33 31 34 33 2d 37 66 34 66 2d 62 65 32 63 30 39 36 31 31 36 39 38 22 2c 22 49 6e 73 74 61 6c 6c 49 64 22 3a 22 62 38 65 31 64 30 62 30
                                                  Data Ascii: {"Data": {"MachineId":"fdd42ee1-88e9-3143-7f4f-be2c09611698","InstallId":"b8e1d0b0-b148-462d-8284-94ec0745b3b4","Version":"9.1.0.993","OsVersion":"Microsoft Windows 10 Pro","OsBit":"64","PartnerID":"FZ210427","CampaignID":null,"LanguageIso2":n
                                                  Jul 22, 2024 12:50:56.116619110 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:50:56 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72df640d1c1835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:50:56.610944033 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 427
                                                  Jul 22, 2024 12:50:57.049525023 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:50:56 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72df682f581835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:50:57.051197052 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:50:56 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72df682f581835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:51:12.124788046 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 438
                                                  Jul 22, 2024 12:51:12.304632902 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:51:12 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72dfc91a9e1835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:51:16.928736925 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 422
                                                  Jul 22, 2024 12:51:17.100229979 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:51:17 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72dfe71ae81835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:51:38.221127033 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 425
                                                  Jul 22, 2024 12:51:38.401098013 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:51:38 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e06c3f8c1835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:51:38.432401896 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 420
                                                  Jul 22, 2024 12:51:38.606585979 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:51:38 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e06d88411835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:51:41.992780924 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 397
                                                  Jul 22, 2024 12:51:42.164715052 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:51:42 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e083cb631835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:51:43.685514927 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 397
                                                  Jul 22, 2024 12:51:43.919321060 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:51:43 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e08e584e1835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:51:43.929771900 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 418
                                                  Jul 22, 2024 12:51:44.061089039 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:51:44 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e08fd8f31835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:51:44.073854923 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 414
                                                  Jul 22, 2024 12:51:44.244980097 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:51:44 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e090c9441835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:51:44.266357899 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 457
                                                  Jul 22, 2024 12:51:44.481921911 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:51:44 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e091f9db1835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:51:44.505422115 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 470
                                                  Jul 22, 2024 12:51:44.638287067 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:51:44 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e0937ac51835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:51:44.651436090 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 464
                                                  Jul 22, 2024 12:51:44.866736889 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:51:44 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e0946b251835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:51:44.910207033 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 434
                                                  Jul 22, 2024 12:51:45.052788973 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:51:44 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e0960bd81835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:51:45.060260057 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 458
                                                  Jul 22, 2024 12:51:45.229728937 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:51:45 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e096fc371835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:51:45.237538099 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 459
                                                  Jul 22, 2024 12:51:45.404215097 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:51:45 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e0980cc71835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:51:45.413764000 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 442
                                                  Jul 22, 2024 12:51:45.579185963 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:51:45 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e0992d3a1835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:51:45.589867115 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 453
                                                  Jul 22, 2024 12:51:45.765284061 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:51:45 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e09a4dc81835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:51:45.778981924 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 452
                                                  Jul 22, 2024 12:51:45.967144966 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:51:45 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e09b6e5c1835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:51:46.000345945 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 452
                                                  Jul 22, 2024 12:51:46.129069090 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:51:46 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e09cdf091835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:53:26.138791084 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 584
                                                  Jul 22, 2024 12:53:26.505630016 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:53:26 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e30eae571835-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  1192.168.2.84972364.18.87.82804648C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  TimestampBytes transferredDirectionData
                                                  Jul 22, 2024 12:50:42.949088097 CEST211OUTPOST /update.asmx HTTP/1.1
                                                  Content-Type: text/xml; charset=utf-8
                                                  SOAPAction: "http://tempuri.org/GetComponentsVersionInfo"
                                                  Host: wc-update-service.lavasoft.com
                                                  Content-Length: 280
                                                  Connection: Keep-Alive
                                                  Jul 22, 2024 12:50:42.949198961 CEST280OUTData Raw: 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 47 65 74 43 6f 6d 70 6f 6e
                                                  Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><GetComponentsVersionInfo xmlns="http://tempuri.org/" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"><platform>prod</platform><version>9.1.0.993</version></GetCompone
                                                  Jul 22, 2024 12:50:43.418436050 CEST1236INHTTP/1.1 200 OK
                                                  Server: nginx
                                                  Date: Mon, 22 Jul 2024 10:50:43 GMT
                                                  Content-Type: text/xml; charset=utf-8
                                                  Content-Length: 1449
                                                  Connection: keep-alive
                                                  Cache-Control: private, max-age=0
                                                  X-AspNet-Version: 4.0.30319
                                                  X-Powered-By: ASP.NET
                                                  Access-Control-Allow-Origin: http://webcompanion.com
                                                  Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 6f 61 70 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 78 6d 6c 6e 73 3a 78 73 69 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 2d 69 6e 73 74 61 6e 63 65 22 20 78 6d 6c 6e 73 3a 78 73 64 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 22 3e 3c 73 6f 61 70 3a 42 6f 64 79 3e 3c 47 65 74 43 6f 6d 70 6f 6e 65 6e 74 73 56 65 72 73 69 6f 6e 49 6e 66 6f 52 65 73 70 6f 6e 73 65 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 74 65 6d 70 75 72 69 2e 6f 72 67 2f 22 3e 3c 47 65 74 43 6f 6d 70 6f 6e 65 6e 74 73 56 65 72 73 69 6f 6e 49 6e 66 6f 52 65 73 75 6c 74 3e 3c 43 6f 6d 70 6f 6e 65 6e 74 73 3e 3c 43 6f 6d 70 6f 6e 65 6e 74 56 65 72 73 [TRUNCATED]
                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body><GetComponentsVersionInfoResponse xmlns="http://tempuri.org/"><GetComponentsVersionInfoResult><Components><ComponentVersionInfo><Name>installer</Name><Version>9.1.0.993</Version><DownloadUrl>http://wcdownloadercdn.lavasoft.com/9.1.0.993/Installer.exe</DownloadUrl></ComponentVersionInfo><ComponentVersionInfo><Name>application</Name><Version>2.1.1117.2317</Version><DownloadUrl>http://wcdownloadercdn.lavasoft.com/9.1.0.993/Installer.msi</DownloadUrl></ComponentVersionInfo><ComponentVersionInfo><Name>tcpservice</Name><Version>2.3.4.7</Version><DownloadUrl>http://wcdownloadercdn.lavasoft.com/9.1.0.993/TcpService.msi</DownloadUrl></ComponentVersionInfo><ComponentVersionInfo><Name>42f00399-529e-4915-83ce-5b4c18049fc8</
                                                  Jul 22, 2024 12:50:43.418459892 CEST510INData Raw: 4e 61 6d 65 3e 3c 56 65 72 73 69 6f 6e 3e 39 2e 31 2e 30 2e 39 39 33 3c 2f 56 65 72 73 69 6f 6e 3e 3c 44 6f 77 6e 6c 6f 61 64 55 72 6c 3e 68 74 74 70 3a 2f 2f 77 63 64 6f 77 6e 6c 6f 61 64 65 72 63 64 6e 2e 6c 61 76 61 73 6f 66 74 2e 63 6f 6d 2f
                                                  Data Ascii: Name><Version>9.1.0.993</Version><DownloadUrl>http://wcdownloadercdn.lavasoft.com/9.1.0.993/WcInstaller.exe</DownloadUrl></ComponentVersionInfo><ComponentVersionInfo><Name>webcompanion</Name><Version>9.1.0.993</Version><DownloadUrl>http://wcdo


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  2192.168.2.849726104.16.149.130804648C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  TimestampBytes transferredDirectionData
                                                  Jul 22, 2024 12:50:43.768233061 CEST119OUTGET /9.1.0.993/WebCompanion-9.1.0.993-prod.zip HTTP/1.1
                                                  Host: wcdownloadercdn.lavasoft.com
                                                  Connection: Keep-Alive
                                                  Jul 22, 2024 12:50:44.225122929 CEST1236INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:50:44 GMT
                                                  Content-Type: application/zip
                                                  Content-Length: 12024981
                                                  Connection: keep-alive
                                                  ETag: "1474771251"
                                                  Last-Modified: Fri, 24 Nov 2023 19:05:15 GMT
                                                  CF-Cache-Status: HIT
                                                  Age: 1042
                                                  Expires: Mon, 22 Jul 2024 14:50:44 GMT
                                                  Cache-Control: public, max-age=14400
                                                  Accept-Ranges: bytes
                                                  Server: cloudflare
                                                  CF-RAY: 8a72df1a0d520f74-EWR
                                                  Data Raw: 50 4b 03 04 14 00 00 00 08 00 27 2d 78 57 0a 72 2c 2d 67 46 03 00 d8 24 07 00 13 00 00 00 41 70 70 6c 69 63 61 74 69 6f 6e 2f 37 7a 61 2e 65 78 65 ec bd 79 78 54 45 d6 38 7c 7b 49 d2 59 48 27 40 43 58 c4 56 5b 8d 84 25 43 50 93 34 68 5f d2 4d 6e 43 47 40 44 51 a3 a0 68 0b ae 18 fa 86 20 8b 60 27 be e9 5c 5b 1d c5 19 75 1c c7 79 67 9c cf 19 97 51 47 59 5c bb 13 c8 c2 be b8 b0 8c 8a 7b 85 16 64 91 10 b6 dc ef 9c 53 b7 b7 10 a2 cf f7 fc 7e ff 7d 79 9e f4 dd aa 4e 9d 3a 75 ea d4 a9 53 a7 4e 55 dc f4 a4 60 10 04 c1 08 ff aa 2a 08 6b 04 fe e7 10 7e fd 8f c1 7f f6 f9 ef 65 0b ef a4 6f be 60 8d ce b3 f9 82 eb e6 ce 5b 60 9d 5f f5 c0 5d 55 b7 dd 67 9d 73 db fd f7 3f e0 b3 de 7e a7 b5 4a be df 3a ef 7e ab 73 ca 74 eb 7d 0f dc 71 e7 a8 3e 7d 32 6c 1a 8c f3 87 dd dd 75 f3 c3 c6 d7 a3 ff 23 bf 59 f4 fa 4d 74 7d f8 f5 a9 f4 2e e5 f5 36 7a be fb f5 1c ba ce 7b fd 3a b8 3a be 79 5e 4b 57 a3 5d 97 d0 f5 da 79 73 e6 22 9c ee b8 4e 75 09 c2 1d 8f a6 08 f3 bf bf ef a6 e8 bb 43 c2 45 42 a6 de 24 08 cd 50 fb 6b f4 f4 2e [TRUNCATED]
                                                  Data Ascii: PK'-xWr,-gF$Application/7za.exeyxTE8|{IYH'@CXV[%CP4h_MnCG@DQh `'\[uygQGY\{dS~}yN:uSNU`*k~eo`[`_]Ugs?~J:~st}q>}2lu#YMt}.6z{::y^KW]ys"NuCEB$Pk.s(zNK~+LITolmYp=*#gr<wgzbQUwM:LnHNr]#TArvO5':B]p}<lxU 6?iog7H%E_Bd f]&IQGSxoK./~gQ_^(h^DqJ\Y2&Fo`}98E'Kne+c_/oo+gzM6DD^I9!0HJ?h72"U;RY=bk^y0lm*h9fJ-NKUHH"YI)8=s>)MPH!LeJ`bc(:-M=}v=9:u.7XO
                                                  Jul 22, 2024 12:50:44.225142002 CEST1236INData Raw: d2 9b cc 54 e9 cf 25 65 8a 29 56 eb d5 f0 72 53 9c 96 73 13 aa 08 e5 6f 97 82 1e 5b 31 db 43 d5 a0 db d5 20 bd f9 dd 8d 78 37 67 29 50 fe ab 3a 15 c9 fe ad c1 df 02 d5 88 c0 1b 17 14 38 d6 20 d5 75 f8 00 c9 6c 76 2d 61 b0 85 4d 42 0c 54 79 57 8b
                                                  Data Ascii: T%e)VrSso[1C x7g)P:8 ulv-aMBTyWDp$0x>'Kl/gUb{!_,<.$#zhe+P$8h,lVbomTig,%%QmMgqBb'=23/8k
                                                  Jul 22, 2024 12:50:44.225153923 CEST1236INData Raw: 74 32 01 1d 09 f0 f1 28 1b 16 6c c2 57 ee 39 8d ae 7a 13 e1 b3 03 f1 f1 18 ad 09 08 39 0d 3b e5 43 1a 3e 8e 9b 9b a0 da e2 5a 10 cb 82 12 8e 18 a0 d6 61 66 94 3b 45 25 5c 31 67 77 b3 31 47 f0 18 f6 b8 d5 8d 2e a5 51 0c ef 37 8a fe 7d 66 10 7d 19
                                                  Data Ascii: t2(lW9z9;C>Zaf;E%\1gw1G.Q7}f}bqZh^j^h3O6y$!n86O00\tEIgAm\~j`+yZWb@?yE7GJjt|w{M4=[&{tIV
                                                  Jul 22, 2024 12:50:44.225214958 CEST1236INData Raw: ab cc 38 c0 50 ce 87 cf 03 25 37 5b cb ba 95 4d cd 8b cd f5 b7 43 99 0d 68 85 91 66 dd dc 74 f6 9c e6 a6 70 dc be 82 ef 97 2f 32 01 52 bb 7d 43 89 8a f7 86 8c 02 a8 d2 46 a8 47 1f a9 05 8d 93 42 73 99 49 e0 15 04 70 dc 74 06 09 87 40 c2 a2 36 7b
                                                  Data Ascii: 8P%7[MChftp/2R}CFGBsIpt@6{X#t9w6Z;LM HjV]i8.TRTH'F0n8//v S:tgsvGS-sH;>N+%{c3`.Pq?
                                                  Jul 22, 2024 12:50:44.225228071 CEST1236INData Raw: 5f b1 72 b7 c9 3e 0f e1 56 e8 d8 4b 71 b8 e1 63 1c ee 03 04 f7 01 64 2a 42 3d 0a f9 48 22 e4 18 5c 10 2a 45 b8 2e e4 ad 03 fe 3b ec 1b 28 29 1b bc e3 97 0b 0b ae 47 79 a2 b6 78 15 1d 7c 91 7f b2 2f c3 02 a7 e8 d8 68 2a 30 1b 0b 9c 7a 2c c6 32 ca
                                                  Data Ascii: _r>VKqcd*B=H"\*E.;()Gyx|/h*0z,2:5QNe+V6`1WHZg4Q\#_Ozh!!URcrH~(iUl@$b$VM2-{GF6iVN4Y}q>t9,r`o0N:bz7OF
                                                  Jul 22, 2024 12:50:44.225353956 CEST1236INData Raw: de a1 5a ec af 73 73 63 1a 9f 91 a4 4a 05 06 69 7b 67 4c de f9 17 99 04 98 39 36 e2 42 74 2e 8c 9b 30 86 4f e8 8a a4 4b f6 0d be 7e 92 bf 1d a6 87 25 3a d0 45 0b 36 48 db 4f 28 71 73 03 e5 93 53 f9 63 62 4e b3 77 fc 68 c1 d7 17 f3 7f 83 f9 61 e6
                                                  Data Ascii: ZsscJi{gL96Bt.0OK~%:E6HO(qsScbNwha_),"V_f=]NMd-m?U7&&>Q:n:vWbY.K~G%{TF0q5*aj^}g^}#&<QN#&wnvM6QrWp2Y7
                                                  Jul 22, 2024 12:50:44.225364923 CEST1236INData Raw: 74 a9 25 c4 e1 87 b7 e1 bc b1 20 ec 41 f8 15 c9 f0 3f 8c c2 73 9f 05 bf cd 69 5e a5 13 83 8e 6d fe ce f4 ea a1 68 a1 f6 77 a6 a0 1d dd d1 16 e9 03 bf 7f c1 47 7c ff 4f f1 38 7a 6e 1e 92 b3 c4 f0 d7 46 67 66 ab a4 86 23 8d 00 2c 8e 7b 98 74 37 b7
                                                  Data Ascii: t% A?si^mhwG|O8znFgf#,{t7rU[|KL/PQ\,Bqz30.d~dd5:"#1Z##uwpe4Erug I7Fm+%w^8Xi4j,}m?"4f@
                                                  Jul 22, 2024 12:50:44.225375891 CEST1236INData Raw: db ca 64 93 fd b0 6f 90 a4 b6 b8 ed 67 96 ad 1c c3 57 2d e3 ea cc 9b ba c8 01 de 6f 8b 42 25 62 8e 3c b4 44 b4 ca 03 4b 44 87 dc d7 bf a8 50 27 67 49 8a 08 a5 9b d8 ef e3 76 f4 d8 bc 85 db 97 4a 6e b4 56 5f 59 a4 2e 1f 7f df ec 54 14 c0 13 61 1a
                                                  Data Ascii: dogW-oB%b<DKDP'gIvJnV_Y.Ta3YiQ|Bq~b-&kTmH(M`\XBa2X(GR09sb~~Y>G%pyPJeUlQ3MD'tH_Rj|X2bC{2PDU_Nu6w+Xk
                                                  Jul 22, 2024 12:50:44.225507975 CEST1236INData Raw: 69 4e a5 0d 46 2a 5c 0c 18 49 fb 03 9b b4 fd 81 4e 4c 38 36 2d b6 1b 79 dd 0e 2c 71 0b fb 60 07 ae bb e0 ce 2f c4 f2 8d 1d a8 84 47 26 fe 66 30 4b 35 30 72 12 98 bb 76 20 81 d6 93 ab 71 d4 66 98 d0 b6 85 6c 62 38 a9 0f 25 c9 10 b1 e1 30 28 e5 8e
                                                  Data Ascii: iNF*\INL86-y,q`/G&f0K50rv qflb8%0(=0E_g/s)![AE~@!-0u4|t&{n`QkvQ<1{f6ruSFC5p_5p}YB<gm=r
                                                  Jul 22, 2024 12:50:44.225519896 CEST1236INData Raw: bc e5 a9 ce de f6 51 e6 13 6f 1c 0c 74 8f 65 54 93 c0 e8 38 1b 91 fc 8d c5 34 3a 17 80 40 2e 3a 50 72 8f d5 fc e8 7f 31 6e 86 66 9b 33 a6 e2 bc eb 15 ea 2f 21 13 de d3 32 2f 5f 2b 7a 3a 82 06 30 73 a0 8e 9c 37 a9 55 57 6a cb c0 48 f3 9c cf 01 64
                                                  Data Ascii: QoteT84:@.:Pr1nf3/!2/_+z:0s7UWjHd{hJWhy{=uS<risG6xi5mgXJVaKu{n9(mi4nDvi;Wm&yLy1;8y6k6ywN
                                                  Jul 22, 2024 12:50:44.230026007 CEST1236INData Raw: c6 03 0c c9 0e b3 bb 34 2d bc 65 f7 bd 6e 5c ed 67 4b 13 f3 c3 e4 6e 8b 6a c9 e8 96 35 ea f3 02 03 7b 21 6d ab 00 54 fb cc 90 52 b5 ce ae 18 a2 0b 2e 6b 52 30 60 08 da 38 bc dc 17 51 b5 34 2f 35 0a e3 8d f0 7a a1 05 6a 94 1b f3 1a bf 7f 0b d9 43
                                                  Data Ascii: 4-en\gKnj5{!mTR.kR0`8Q4/5zjCVbBhK&Q~l^@fVcQC2dOD\1R^{5ylRMB_6[p/f-G<4: :aCA4IIm-ZLi)VT+\LpujG>%FAnR


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  3192.168.2.849739104.19.159.22480632C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  TimestampBytes transferredDirectionData
                                                  Jul 22, 2024 12:51:47.115567923 CEST113OUTGET /notifications/download/rt/ActiveFeatures.zip HTTP/1.1
                                                  Host: rt.webcompanion.com
                                                  Connection: Keep-Alive
                                                  Jul 22, 2024 12:51:47.662381887 CEST1236INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:51:47 GMT
                                                  Content-Type: application/zip
                                                  Content-Length: 17770
                                                  Connection: keep-alive
                                                  ETag: "1817264281"
                                                  Last-Modified: Mon, 17 Jun 2024 14:26:00 GMT
                                                  CF-Cache-Status: HIT
                                                  Age: 236
                                                  Expires: Mon, 22 Jul 2024 14:51:47 GMT
                                                  Cache-Control: public, max-age=14400
                                                  Accept-Ranges: bytes
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e0a61c308ce6-EWR
                                                  Data Raw: 50 4b 03 04 14 00 01 00 08 00 3a 3d 41 58 37 5c 92 30 c0 44 00 00 72 cc 04 00 12 00 00 00 41 63 74 69 76 65 46 65 61 74 75 72 65 73 2e 74 78 74 a0 9b 2b 93 83 40 fc 73 6a 70 bb 23 a6 14 85 19 db 7f 9e 92 13 c4 c9 4b 31 fb 85 fc 04 d8 12 02 3b 04 ac 2f 2d a7 ef 1b ac a6 c7 02 06 b4 5b a6 5b 13 0e 41 d0 84 42 9e c4 12 82 c4 65 78 71 e8 aa bd c0 29 37 0e 92 20 37 3a 5e 80 b9 ea 89 67 13 4b 20 f3 b5 94 21 69 16 62 55 a7 56 c8 73 d6 98 fb 8e 87 4f 24 76 37 7c 65 5c b2 1b 8e b9 80 ec 57 ff e0 e4 27 f3 f8 a6 5a fd 64 76 65 55 2a 6f f6 52 a0 08 3e a0 25 15 8b a9 77 8c c3 ec 24 f2 2d 3b af 9d 9b 51 9b 18 ac bc 34 19 54 96 8c 06 fa 06 ee c4 66 24 01 2b 54 a6 24 df 26 9d 51 3f 39 c3 e6 99 06 23 22 f6 36 3e fd a1 dd d3 fd e7 0c c4 ee 30 c1 10 eb 15 6f 83 40 da df 9f 6a f9 28 cc 2a 69 29 08 48 22 1d 42 8d 0c 31 60 e4 3d a8 cd 26 30 96 ac 49 38 43 c3 52 9f a5 ce 22 79 e3 be 0a 9e 01 63 4d 37 97 67 e4 fb 80 e3 09 fa be ab d9 9e 5c 40 05 91 01 0d 38 db e2 06 78 94 45 0d 03 34 8b 82 1d 53 dc 7c 49 81 9f 81 18 1d 79 [TRUNCATED]
                                                  Data Ascii: PK:=AX7\0DrActiveFeatures.txt+@sjp#K1;/-[[ABexq)7 7:^gK !ibUVsO$v7|e\W'ZdveU*oR>%w$-;Q4Tf$+T$&Q?9#"6>0o@j(*i)H"B1`=&0I8CR"ycM7g\@8xE4S|Iyy7~%W?7!JhrfdB^OQ"IDG!o+^6VY6<wNNPP2\?EY^j>i[p`L_sXq>#~nY>LO9rsAS+g5FBiqgUf{*vBUBqTpKF;/[&WIAPuS-&v3!Y'bMl{[:5sVL3om7'O4'(V#:\#VOO&<s}Yd|<P@jM%O5lHs^SYfaCDDwVcE8~cETL0YIEd@._PQ~w\fAT7Kiywq|+#]N">(A0bU-lDM#ETYa-h}ep<)
                                                  Jul 22, 2024 12:51:47.662411928 CEST1236INData Raw: 2c c3 e9 0b b5 94 79 f6 cd ab db ef 95 d6 d1 32 bc 03 27 b0 a7 67 bb 67 5c 5f 47 4a 97 f1 f7 fc 80 a5 3d 5e cb d2 21 fd 16 4d f6 ed 94 f2 d0 41 ec b6 8d 9b cb af 44 4b 5e 3f 92 fc ae 08 db 64 a5 1d 86 78 29 a2 a9 c5 2d c1 7a 36 38 e0 81 84 1a 34
                                                  Data Ascii: ,y2'gg\_GJ=^!MADK^?dx)-z684R|YSgynUf1qbEFO?'[a`bF\rsZL0q\vgrP:ZbPw^l^|Vov^'D0\mJh*I{X14
                                                  Jul 22, 2024 12:51:47.662430048 CEST1236INData Raw: a8 e3 09 b7 93 e7 ef 55 87 a5 e2 4a 0e 55 3c 50 4f 28 65 ca 9a de 34 88 d5 59 ab cd 64 54 2a 94 93 b6 b8 c7 f1 34 a6 fe 9a 9e 58 e1 5b 68 04 08 88 1d 07 7a 22 8c f4 8b 1a 37 f4 2d 18 02 f7 c9 7a e3 8d 30 e6 e5 c6 72 4a b5 33 12 97 f2 9b 9f 3d 2b
                                                  Data Ascii: UJU<PO(e4YdT*4X[hz"7-z0rJ3=+I:QrVjeAU|0e r.-nFs%U@_G~W}E^ns]W6.Jg4)Kk~9"4{i#W}_&L'HNO
                                                  Jul 22, 2024 12:51:47.662560940 CEST672INData Raw: 48 a2 40 45 ad 3e 10 cc d4 22 b8 18 aa b5 83 15 5b 5f 79 62 da f6 64 de 89 40 91 c6 e3 e6 3c 48 f6 f2 37 d0 b4 a2 87 ed 8b 72 11 f9 fa 1d 84 ca dd 63 7c e6 56 65 74 e8 c3 ce 0a 52 78 3d f5 2c 69 ad 82 46 5f 21 19 b5 ed d3 bf 7e 98 76 8d 6a 94 b7
                                                  Data Ascii: H@E>"[_ybd@<H7rc|VetRx=,iF_!~vj5s,yL/[g{QosVz%{A|PSeC)PYzSZ/]E?kINr|Pg!\2-;@&Lb<ma
                                                  Jul 22, 2024 12:51:47.662578106 CEST1236INData Raw: 51 1f 5f 95 40 e0 2f 2f b3 58 36 a8 5f 26 2b c1 d7 d8 86 95 ec 9b 23 f0 6b a3 48 55 63 47 ab 98 a2 7c a9 9d 44 46 9a cb 72 d4 ab 80 27 62 e2 20 b8 23 fe ab f6 c3 e1 79 ff 0e d6 3c ae d6 7b e4 a2 37 6f 8b fd 67 76 72 8f 8e e1 72 fa 02 77 a5 81 f5
                                                  Data Ascii: Q_@//X6_&+#kHUcG|DFr'b #y<{7ogvrrwq&PsTo=D8?^7(Xg@1~;sJa\o%PX=$cvb7fS:."$qC!QFmfWCW#H]WNsiz %Na
                                                  Jul 22, 2024 12:51:47.662594080 CEST1236INData Raw: b0 67 d8 a1 30 25 3f 02 55 01 20 6a 51 4c 25 98 eb 97 f9 7e 66 ee d7 b1 f9 f9 c8 52 7e e9 cc 8c e0 85 81 9e 75 92 0d 4f 55 71 18 6b 3b 1f c1 38 42 6b c9 86 6d cb de b0 bc b5 62 17 da 81 40 69 af 0f ae 34 73 51 45 5a 4f 43 9b dc 83 af 7b a1 89 68
                                                  Data Ascii: g0%?U jQL%~fR~uOUqk;8Bkmb@i4sQEZOC{h'VuuDyznvDn(&J;Px=Uc05;VT7!X<lA"}#&7qB(m5-r#N)4z7Axi)8
                                                  Jul 22, 2024 12:51:47.662609100 CEST1236INData Raw: 40 4c 5f 22 a6 8e 97 9a b0 ae 42 00 ee 93 fe be c4 67 bd a1 03 61 4e 84 cb a0 67 6a e2 91 dc 77 40 da 04 53 1c 7e 5e 16 ac 6c 1f ad 21 43 29 ae 3c b5 6d 41 17 ce 99 37 75 7e 83 67 64 da 98 5f 52 48 92 39 2f a2 7b 79 5a a9 1c 84 29 a1 75 fe 35 2d
                                                  Data Ascii: @L_"BgaNgjw@S~^l!C)<mA7u~gd_RH9/{yZ)u5-U|1.rwx#x{LOmV>y)YT+h"j^mf}xmk{KE[.ntTv#odHsfIu4@/=i ,Dm4%,],>A3
                                                  Jul 22, 2024 12:51:47.662626028 CEST1236INData Raw: a4 75 6b 9d 8e 72 bf 44 65 cd 9c 9a 81 c2 f5 91 b3 95 bd 7b f5 9b de 51 be c3 87 77 77 67 95 16 8e 08 8e 1a 8e 6e c8 38 25 3e bd 63 08 bf 5a 34 ee d4 84 0d 42 59 77 2e 68 0a cb 58 92 56 1e 99 7e 84 53 66 25 79 5a d7 07 7c 54 81 63 e7 ae b9 a1 c5
                                                  Data Ascii: ukrDe{Qwwgn8%>cZ4BYw.hXV~Sf%yZ|Tc&=0q5WKl\<U9$DW`+R ]m-68j5a.|sOB~1zc[ugQ>Tv~Fa&<pX caENsE0aUC3WE4
                                                  Jul 22, 2024 12:51:47.662975073 CEST1236INData Raw: 90 f9 3e cc a5 15 56 a3 fe af c3 ae f4 bf 6c 0a 0a b9 c0 08 ad a0 b3 98 77 db d1 2a a8 8c 8b 5c 92 11 d5 ff b8 b8 3d fa 21 dd 30 57 52 0f 90 76 97 46 49 f3 b0 f5 1b b1 d7 21 08 dd d8 77 eb 88 74 07 5c 0f f6 4f 41 ea 5c 09 37 2b b0 f3 16 f6 1c 9c
                                                  Data Ascii: >Vlw*\=!0WRvFI!wt\OA\7+y;#+KsF14:FD[Re e#Hd5I.*p{o.H'*|a2iZ.Yp?X=[I\V~^{z7F: G5C*w 0sB
                                                  Jul 22, 2024 12:51:47.662992001 CEST1236INData Raw: 1e b1 86 60 62 c7 ed 7f be af 7b 96 5f 3d 9d 9d 0b 56 26 89 40 3d 3d 97 72 1b ff ea ff 35 46 a1 b9 be f8 fb 17 02 f9 23 5a 8c 2f 75 73 1d 7f e5 15 20 69 d1 52 03 6b f3 fa 6b 65 c5 b8 c6 cd 06 e9 35 8a c7 49 1e 7f 22 66 29 5b 8c 7b b9 3b fa e7 df
                                                  Data Ascii: `b{_=V&@==r5F#Z/us iRkke5I"f)[{;5j0F7$v4Jo4c+;J|#0,N9Mu'l^DF+iL4\WB>To*+hiZa;;-c.T12=ZLXZbdBNRy
                                                  Jul 22, 2024 12:51:47.663187981 CEST1236INData Raw: e9 f9 49 6f 29 45 36 42 64 47 c0 f6 2b 3b 0d 4e 0b 0c 4f 75 f7 e1 a9 d9 62 7e b0 9e a9 0d 23 ac 38 b6 3e 0a 62 8b 00 d4 53 2a a0 b4 00 65 cd d9 c4 7d d3 d0 be 79 36 da 1f 52 38 aa 3e 71 45 bc 26 08 37 85 56 e2 ac 04 06 4f 33 f9 f7 c0 c6 d0 a7 69
                                                  Data Ascii: Io)E6BdG+;NOub~#8>bS*e}y6R8>qE&7VO3iGxK'~V~GP)s&KicA]YbA`>Y<xCbDs-H:J0S+9y h8.7BmJPl/T5(^,Ke}g#:zEf
                                                  Jul 22, 2024 12:51:47.955387115 CEST89OUTGET /notifications/download/rt/ActiveFeatures.zip HTTP/1.1
                                                  Host: rt.webcompanion.com
                                                  Jul 22, 2024 12:51:48.068422079 CEST1236INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:51:48 GMT
                                                  Content-Type: application/zip
                                                  Content-Length: 17770
                                                  Connection: keep-alive
                                                  ETag: "1817264281"
                                                  Last-Modified: Mon, 17 Jun 2024 14:26:00 GMT
                                                  CF-Cache-Status: HIT
                                                  Age: 237
                                                  Expires: Mon, 22 Jul 2024 14:51:48 GMT
                                                  Cache-Control: public, max-age=14400
                                                  Accept-Ranges: bytes
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e0a90e1f8ce6-EWR
                                                  Data Raw: 50 4b 03 04 14 00 01 00 08 00 3a 3d 41 58 37 5c 92 30 c0 44 00 00 72 cc 04 00 12 00 00 00 41 63 74 69 76 65 46 65 61 74 75 72 65 73 2e 74 78 74 a0 9b 2b 93 83 40 fc 73 6a 70 bb 23 a6 14 85 19 db 7f 9e 92 13 c4 c9 4b 31 fb 85 fc 04 d8 12 02 3b 04 ac 2f 2d a7 ef 1b ac a6 c7 02 06 b4 5b a6 5b 13 0e 41 d0 84 42 9e c4 12 82 c4 65 78 71 e8 aa bd c0 29 37 0e 92 20 37 3a 5e 80 b9 ea 89 67 13 4b 20 f3 b5 94 21 69 16 62 55 a7 56 c8 73 d6 98 fb 8e 87 4f 24 76 37 7c 65 5c b2 1b 8e b9 80 ec 57 ff e0 e4 27 f3 f8 a6 5a fd 64 76 65 55 2a 6f f6 52 a0 08 3e a0 25 15 8b a9 77 8c c3 ec 24 f2 2d 3b af 9d 9b 51 9b 18 ac bc 34 19 54 96 8c 06 fa 06 ee c4 66 24 01 2b 54 a6 24 df 26 9d 51 3f 39 c3 e6 99 06 23 22 f6 36 3e fd a1 dd d3 fd e7 0c c4 ee 30 c1 10 eb 15 6f 83 40 da df 9f 6a f9 28 cc 2a 69 29 08 48 22 1d 42 8d 0c 31 60 e4 3d a8 cd 26 30 96 ac 49 38 43 c3 52 9f a5 ce 22 79 e3 be 0a 9e 01 63 4d 37 97 67 e4 fb 80 e3 09 fa be ab d9 9e 5c 40 05 91 01 0d 38 db e2 06 78 94 45 0d 03 34 8b 82 1d 53 dc 7c 49 81 9f 81 18 1d 79 [TRUNCATED]
                                                  Data Ascii: PK:=AX7\0DrActiveFeatures.txt+@sjp#K1;/-[[ABexq)7 7:^gK !ibUVsO$v7|e\W'ZdveU*oR>%w$-;Q4Tf$+T$&Q?9#"6>0o@j(*i)H"B1`=&0I8CR"ycM7g\@8xE4S|Iyy7~%W?7!JhrfdB^OQ"IDG!o+^6VY6<wNNPP2\?EY^j>i[p`L_sXq>#~nY>LO9rsAS+g5FBiqgUf{*vBUBqTpKF;/[&WIAPuS-&v3!Y'bMl{[:5sVL3om7'O4'(V#:\#VOO&<s}Yd|<P@jM%O5lHs^SYfaCDDwVcE8~cETL0YIEd@._PQ~w\fAT7Kiywq|+#]N">(A0bU-lDM#ETYa-h}ep<)


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  4192.168.2.84974064.18.87.8280632C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  TimestampBytes transferredDirectionData
                                                  Jul 22, 2024 12:51:48.172962904 CEST117OUTGET /Partner.svc/GetPartnerInfo?partner=FZ210427 HTTP/1.1
                                                  Host: wc-partners.lavasoft.com
                                                  Connection: Keep-Alive
                                                  Jul 22, 2024 12:51:48.686417103 CEST383INHTTP/1.1 200 OK
                                                  Server: nginx
                                                  Date: Mon, 22 Jul 2024 10:51:48 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Content-Length: 197
                                                  Connection: keep-alive
                                                  X-Powered-By: ASP.NET
                                                  Data Raw: 7b 22 47 65 74 50 61 72 74 6e 65 72 49 6e 66 6f 52 65 73 75 6c 74 22 3a 7b 22 43 4c 49 44 44 53 22 3a 31 30 30 30 38 37 31 2c 22 43 4c 49 44 48 50 22 3a 32 31 37 33 33 31 32 2c 22 43 54 49 44 22 3a 22 43 54 33 33 33 34 34 36 36 22 2c 22 44 65 66 61 75 6c 74 22 3a 66 61 6c 73 65 2c 22 49 6e 73 74 61 6c 6c 44 61 74 65 55 74 63 22 3a 22 37 5c 2f 32 32 5c 2f 32 30 32 34 20 31 30 3a 35 31 3a 34 38 20 41 4d 22 2c 22 50 54 41 47 22 3a 22 41 46 33 30 46 41 45 33 38 44 33 22 2c 22 50 55 52 4c 22 3a 22 64 65 66 61 75 6c 74 22 2c 22 57 43 59 49 44 22 3a 22 57 43 59 49 44 31 30 31 35 30 22 7d 7d
                                                  Data Ascii: {"GetPartnerInfoResult":{"CLIDDS":1000871,"CLIDHP":2173312,"CTID":"CT3334466","Default":false,"InstallDateUtc":"7\/22\/2024 10:51:48 AM","PTAG":"AF30FAE38D3","PURL":"default","WCYID":"WCYID10150"}}
                                                  Jul 22, 2024 12:51:48.729252100 CEST96OUTGET /Partner.svc/GetPartnerInfo?partner=FZ210427_wb HTTP/1.1
                                                  Host: wc-partners.lavasoft.com
                                                  Jul 22, 2024 12:51:48.838212013 CEST391INHTTP/1.1 200 OK
                                                  Server: nginx
                                                  Date: Mon, 22 Jul 2024 10:51:48 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Content-Length: 205
                                                  Connection: keep-alive
                                                  X-Powered-By: ASP.NET
                                                  Data Raw: 7b 22 47 65 74 50 61 72 74 6e 65 72 49 6e 66 6f 52 65 73 75 6c 74 22 3a 7b 22 43 4c 49 44 44 53 22 3a 31 30 30 30 38 37 31 2c 22 43 4c 49 44 48 50 22 3a 32 31 37 33 33 31 32 2c 22 43 54 49 44 22 3a 22 43 54 33 33 32 39 33 38 30 22 2c 22 44 65 66 61 75 6c 74 22 3a 74 72 75 65 2c 22 49 6e 73 74 61 6c 6c 44 61 74 65 55 74 63 22 3a 22 37 5c 2f 32 32 5c 2f 32 30 32 34 20 31 30 3a 35 31 3a 34 38 20 41 4d 22 2c 22 50 54 41 47 22 3a 22 41 30 33 31 45 44 39 34 32 36 37 33 46 34 38 36 34 42 39 46 22 2c 22 50 55 52 4c 22 3a 22 64 65 66 61 75 6c 74 22 2c 22 57 43 59 49 44 22 3a 22 57 43 59 49 44 31 30 30 30 30 22 7d 7d
                                                  Data Ascii: {"GetPartnerInfoResult":{"CLIDDS":1000871,"CLIDHP":2173312,"CTID":"CT3329380","Default":true,"InstallDateUtc":"7\/22\/2024 10:51:48 AM","PTAG":"A031ED942673F4864B9F","PURL":"default","WCYID":"WCYID10000"}}
                                                  Jul 22, 2024 12:51:48.839658976 CEST96OUTGET /Partner.svc/GetPartnerInfo?partner=FZ210427_ab HTTP/1.1
                                                  Host: wc-partners.lavasoft.com
                                                  Jul 22, 2024 12:51:48.954638958 CEST391INHTTP/1.1 200 OK
                                                  Server: nginx
                                                  Date: Mon, 22 Jul 2024 10:51:48 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Content-Length: 205
                                                  Connection: keep-alive
                                                  X-Powered-By: ASP.NET
                                                  Data Raw: 7b 22 47 65 74 50 61 72 74 6e 65 72 49 6e 66 6f 52 65 73 75 6c 74 22 3a 7b 22 43 4c 49 44 44 53 22 3a 31 30 30 30 38 37 31 2c 22 43 4c 49 44 48 50 22 3a 32 31 37 33 33 31 32 2c 22 43 54 49 44 22 3a 22 43 54 33 33 32 39 33 38 30 22 2c 22 44 65 66 61 75 6c 74 22 3a 74 72 75 65 2c 22 49 6e 73 74 61 6c 6c 44 61 74 65 55 74 63 22 3a 22 37 5c 2f 32 32 5c 2f 32 30 32 34 20 31 30 3a 35 31 3a 34 38 20 41 4d 22 2c 22 50 54 41 47 22 3a 22 41 30 33 31 45 44 39 34 32 36 37 33 46 34 38 36 34 42 39 46 22 2c 22 50 55 52 4c 22 3a 22 64 65 66 61 75 6c 74 22 2c 22 57 43 59 49 44 22 3a 22 57 43 59 49 44 31 30 30 30 30 22 7d 7d
                                                  Data Ascii: {"GetPartnerInfoResult":{"CLIDDS":1000871,"CLIDHP":2173312,"CTID":"CT3329380","Default":true,"InstallDateUtc":"7\/22\/2024 10:51:48 AM","PTAG":"A031ED942673F4864B9F","PURL":"default","WCYID":"WCYID10000"}}
                                                  Jul 22, 2024 12:51:48.959753990 CEST96OUTGET /Partner.svc/GetPartnerInfo?partner=FZ210427_ac HTTP/1.1
                                                  Host: wc-partners.lavasoft.com
                                                  Jul 22, 2024 12:51:49.071532965 CEST391INHTTP/1.1 200 OK
                                                  Server: nginx
                                                  Date: Mon, 22 Jul 2024 10:51:49 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Content-Length: 205
                                                  Connection: keep-alive
                                                  X-Powered-By: ASP.NET
                                                  Data Raw: 7b 22 47 65 74 50 61 72 74 6e 65 72 49 6e 66 6f 52 65 73 75 6c 74 22 3a 7b 22 43 4c 49 44 44 53 22 3a 31 30 30 30 38 37 31 2c 22 43 4c 49 44 48 50 22 3a 32 31 37 33 33 31 32 2c 22 43 54 49 44 22 3a 22 43 54 33 33 32 39 33 38 30 22 2c 22 44 65 66 61 75 6c 74 22 3a 74 72 75 65 2c 22 49 6e 73 74 61 6c 6c 44 61 74 65 55 74 63 22 3a 22 37 5c 2f 32 32 5c 2f 32 30 32 34 20 31 30 3a 35 31 3a 34 39 20 41 4d 22 2c 22 50 54 41 47 22 3a 22 41 30 33 31 45 44 39 34 32 36 37 33 46 34 38 36 34 42 39 46 22 2c 22 50 55 52 4c 22 3a 22 64 65 66 61 75 6c 74 22 2c 22 57 43 59 49 44 22 3a 22 57 43 59 49 44 31 30 30 30 30 22 7d 7d
                                                  Data Ascii: {"GetPartnerInfoResult":{"CLIDDS":1000871,"CLIDHP":2173312,"CTID":"CT3329380","Default":true,"InstallDateUtc":"7\/22\/2024 10:51:49 AM","PTAG":"A031ED942673F4864B9F","PURL":"default","WCYID":"WCYID10000"}}


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  5192.168.2.849745104.16.149.13080632C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  TimestampBytes transferredDirectionData
                                                  Jul 22, 2024 12:51:53.548202991 CEST179OUTPOST /v1/event-stat-wc?Type=FirstRun&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 265
                                                  Connection: Keep-Alive
                                                  Jul 22, 2024 12:51:53.553231955 CEST265OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 4d 61 63 68 69 6e 65 49 64 22 3a 22 66 64 64 34 32 65 65 31 2d 38 38 65 39 2d 33 31 34 33 2d 37 66 34 66 2d 62 65 32 63 30 39 36 31 31 36 39 38 22 2c 22 49 6e 73 74 61 6c 6c 49 64 22 3a 22 62 38 65 31 64 30 62 30
                                                  Data Ascii: {"Data": {"MachineId":"fdd42ee1-88e9-3143-7f4f-be2c09611698","InstallId":"b8e1d0b0-b148-462d-8284-94ec0745b3b4","Version":"9.1.0.993","DefaultBrowser":"Google Chrome117.0.5938.132","OriginalSearch":"Google","OriginalHomepage":"about:home","IP"
                                                  Jul 22, 2024 12:51:54.058252096 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:51:54 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e0ce3e994407-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  6192.168.2.84974664.18.87.480632C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  TimestampBytes transferredDirectionData
                                                  Jul 22, 2024 12:51:55.414985895 CEST192OUTPOST /ipservice.asmx HTTP/1.1
                                                  Content-Type: text/xml; charset=utf-8
                                                  SOAPAction: "http://lavasoft.com/GetLocation"
                                                  Host: wsgeoip.lavasoft.com
                                                  Content-Length: 236
                                                  Connection: Keep-Alive
                                                  Jul 22, 2024 12:51:55.414985895 CEST236OUTData Raw: 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 3a 42 6f 64 79 20 78 6d 6c 6e 73 3a 78 73 69 3d
                                                  Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><GetLocation xmlns="http://lavasoft.com/"/></s:Body></s:Envelope>
                                                  Jul 22, 2024 12:51:55.939301014 CEST702INHTTP/1.1 200 OK
                                                  Server: nginx
                                                  Date: Mon, 22 Jul 2024 10:51:55 GMT
                                                  Content-Type: text/xml; charset=utf-8
                                                  Content-Length: 446
                                                  Connection: keep-alive
                                                  Cache-Control: private, max-age=0
                                                  X-AspNet-Version: 4.0.30319
                                                  X-Powered-By: ASP.NET
                                                  x-here: true
                                                  Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 6f 61 70 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 78 6d 6c 6e 73 3a 78 73 69 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 2d 69 6e 73 74 61 6e 63 65 22 20 78 6d 6c 6e 73 3a 78 73 64 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 22 3e 3c 73 6f 61 70 3a 42 6f 64 79 3e 3c 47 65 74 4c 6f 63 61 74 69 6f 6e 52 65 73 70 6f 6e 73 65 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 6c 61 76 61 73 6f 66 74 2e 63 6f 6d 2f 22 3e 3c 47 65 74 4c 6f 63 61 74 69 6f 6e 52 65 73 75 6c 74 3e 26 6c 74 3b 47 65 6f 49 50 26 67 74 3b 26 6c 74 3b 43 6f 75 6e 74 72 79 26 67 74 3b 55 53 26 6c 74 3b 2f 43 6f 75 6e 74 72 79 26 67 74 3b 26 6c 74 3b 53 [TRUNCATED]
                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body><GetLocationResponse xmlns="http://lavasoft.com/"><GetLocationResult>&lt;GeoIP&gt;&lt;Country&gt;US&lt;/Country&gt;&lt;State&gt;CA&lt;/State&gt;&lt;/GeoIP&gt;</GetLocationResult></GetLocationResponse></soap:Body></soap:Envelope>


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  7192.168.2.849747104.19.208.15280632C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  TimestampBytes transferredDirectionData
                                                  Jul 22, 2024 12:51:57.056463957 CEST106OUTGET /version_logs?json=true&version=9.1.0.993 HTTP/1.1
                                                  Host: webcompanion.com
                                                  Connection: Keep-Alive
                                                  Jul 22, 2024 12:51:57.584037066 CEST629INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:51:57 GMT
                                                  Content-Type: text/html; charset=UTF-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  X-Powered-By: PHP/7.2.34
                                                  Vary: Accept-Encoding
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e0e44d637c88-EWR
                                                  Data Raw: 31 35 38 0d 0a 3c 62 72 20 2f 3e 0a 3c 62 3e 57 61 72 6e 69 6e 67 3c 2f 62 3e 3a 20 20 63 6f 75 6e 74 28 29 3a 20 50 61 72 61 6d 65 74 65 72 20 6d 75 73 74 20 62 65 20 61 6e 20 61 72 72 61 79 20 6f 72 20 61 6e 20 6f 62 6a 65 63 74 20 74 68 61 74 20 69 6d 70 6c 65 6d 65 6e 74 73 20 43 6f 75 6e 74 61 62 6c 65 20 69 6e 20 3c 62 3e 2f 76 61 72 2f 77 77 77 2f 68 74 6d 6c 2f 69 6e 63 6c 75 64 65 73 2f 66 75 6e 63 74 69 6f 6e 73 2e 70 68 70 3c 2f 62 3e 20 6f 6e 20 6c 69 6e 65 20 3c 62 3e 39 31 3c 2f 62 3e 3c 62 72 20 2f 3e 0a 3c 62 72 20 2f 3e 0a 3c 62 3e 57 61 72 6e 69 6e 67 3c 2f 62 3e 3a 20 20 63 6f 75 6e 74 28 29 3a 20 50 61 72 61 6d 65 74 65 72 20 6d 75 73 74 20 62 65 20 61 6e 20 61 72 72 61 79 20 6f 72 20 61 6e 20 6f 62 6a 65 63 74 20 74 68 61 74 20 69 6d 70 6c 65 6d 65 6e 74 73 20 43 6f 75 6e 74 61 62 6c 65 20 69 6e 20 3c 62 3e 2f 76 61 72 2f 77 77 77 2f 68 74 6d 6c 2f 69 6e 63 6c 75 64 65 73 2f 66 75 6e 63 74 69 6f 6e 73 2e 70 68 70 3c 2f 62 3e 20 6f 6e 20 6c 69 6e 65 20 3c 62 3e 39 38 3c 2f 62 3e [TRUNCATED]
                                                  Data Ascii: 158<br /><b>Warning</b>: count(): Parameter must be an array or an object that implements Countable in <b>/var/www/html/includes/functions.php</b> on line <b>91</b><br /><br /><b>Warning</b>: count(): Parameter must be an array or an object that implements Countable in <b>/var/www/html/includes/functions.php</b> on line <b>98</b><br />null0


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  8192.168.2.849749104.19.159.224807100C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  TimestampBytes transferredDirectionData
                                                  Jul 22, 2024 12:51:58.656097889 CEST113OUTGET /notifications/download/rt/ActiveFeatures.zip HTTP/1.1
                                                  Host: rt.webcompanion.com
                                                  Connection: Keep-Alive
                                                  Jul 22, 2024 12:51:59.135463953 CEST1236INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:51:59 GMT
                                                  Content-Type: application/zip
                                                  Content-Length: 17770
                                                  Connection: keep-alive
                                                  ETag: "1817264281"
                                                  Last-Modified: Mon, 17 Jun 2024 14:26:00 GMT
                                                  CF-Cache-Status: HIT
                                                  Age: 248
                                                  Expires: Mon, 22 Jul 2024 14:51:59 GMT
                                                  Cache-Control: public, max-age=14400
                                                  Accept-Ranges: bytes
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e0ee3964189d-EWR
                                                  Data Raw: 50 4b 03 04 14 00 01 00 08 00 3a 3d 41 58 37 5c 92 30 c0 44 00 00 72 cc 04 00 12 00 00 00 41 63 74 69 76 65 46 65 61 74 75 72 65 73 2e 74 78 74 a0 9b 2b 93 83 40 fc 73 6a 70 bb 23 a6 14 85 19 db 7f 9e 92 13 c4 c9 4b 31 fb 85 fc 04 d8 12 02 3b 04 ac 2f 2d a7 ef 1b ac a6 c7 02 06 b4 5b a6 5b 13 0e 41 d0 84 42 9e c4 12 82 c4 65 78 71 e8 aa bd c0 29 37 0e 92 20 37 3a 5e 80 b9 ea 89 67 13 4b 20 f3 b5 94 21 69 16 62 55 a7 56 c8 73 d6 98 fb 8e 87 4f 24 76 37 7c 65 5c b2 1b 8e b9 80 ec 57 ff e0 e4 27 f3 f8 a6 5a fd 64 76 65 55 2a 6f f6 52 a0 08 3e a0 25 15 8b a9 77 8c c3 ec 24 f2 2d 3b af 9d 9b 51 9b 18 ac bc 34 19 54 96 8c 06 fa 06 ee c4 66 24 01 2b 54 a6 24 df 26 9d 51 3f 39 c3 e6 99 06 23 22 f6 36 3e fd a1 dd d3 fd e7 0c c4 ee 30 c1 10 eb 15 6f 83 40 da df 9f 6a f9 28 cc 2a 69 29 08 48 22 1d 42 8d 0c 31 60 e4 3d a8 cd 26 30 96 ac 49 38 43 c3 52 9f a5 ce 22 79 e3 be 0a 9e 01 63 4d 37 97 67 e4 fb 80 e3 09 fa be ab d9 9e 5c 40 05 91 01 0d 38 db e2 06 78 94 45 0d 03 34 8b 82 1d 53 dc 7c 49 81 9f 81 18 1d 79 [TRUNCATED]
                                                  Data Ascii: PK:=AX7\0DrActiveFeatures.txt+@sjp#K1;/-[[ABexq)7 7:^gK !ibUVsO$v7|e\W'ZdveU*oR>%w$-;Q4Tf$+T$&Q?9#"6>0o@j(*i)H"B1`=&0I8CR"ycM7g\@8xE4S|Iyy7~%W?7!JhrfdB^OQ"IDG!o+^6VY6<wNNPP2\?EY^j>i[p`L_sXq>#~nY>LO9rsAS+g5FBiqgUf{*vBUBqTpKF;/[&WIAPuS-&v3!Y'bMl{[:5sVL3om7'O4'(V#:\#VOO&<s}Yd|<P@jM%O5lHs^SYfaCDDwVcE8~cETL0YIEd@._PQ~w\fAT7Kiywq|+#]N">(A0bU-lDM#ETYa-h}ep<)
                                                  Jul 22, 2024 12:51:59.135485888 CEST1236INData Raw: 2c c3 e9 0b b5 94 79 f6 cd ab db ef 95 d6 d1 32 bc 03 27 b0 a7 67 bb 67 5c 5f 47 4a 97 f1 f7 fc 80 a5 3d 5e cb d2 21 fd 16 4d f6 ed 94 f2 d0 41 ec b6 8d 9b cb af 44 4b 5e 3f 92 fc ae 08 db 64 a5 1d 86 78 29 a2 a9 c5 2d c1 7a 36 38 e0 81 84 1a 34
                                                  Data Ascii: ,y2'gg\_GJ=^!MADK^?dx)-z684R|YSgynUf1qbEFO?'[a`bF\rsZL0q\vgrP:ZbPw^l^|Vov^'D0\mJh*I{X14
                                                  Jul 22, 2024 12:51:59.135498047 CEST1236INData Raw: a8 e3 09 b7 93 e7 ef 55 87 a5 e2 4a 0e 55 3c 50 4f 28 65 ca 9a de 34 88 d5 59 ab cd 64 54 2a 94 93 b6 b8 c7 f1 34 a6 fe 9a 9e 58 e1 5b 68 04 08 88 1d 07 7a 22 8c f4 8b 1a 37 f4 2d 18 02 f7 c9 7a e3 8d 30 e6 e5 c6 72 4a b5 33 12 97 f2 9b 9f 3d 2b
                                                  Data Ascii: UJU<PO(e4YdT*4X[hz"7-z0rJ3=+I:QrVjeAU|0e r.-nFs%U@_G~W}E^ns]W6.Jg4)Kk~9"4{i#W}_&L'HNO
                                                  Jul 22, 2024 12:51:59.135679007 CEST672INData Raw: 48 a2 40 45 ad 3e 10 cc d4 22 b8 18 aa b5 83 15 5b 5f 79 62 da f6 64 de 89 40 91 c6 e3 e6 3c 48 f6 f2 37 d0 b4 a2 87 ed 8b 72 11 f9 fa 1d 84 ca dd 63 7c e6 56 65 74 e8 c3 ce 0a 52 78 3d f5 2c 69 ad 82 46 5f 21 19 b5 ed d3 bf 7e 98 76 8d 6a 94 b7
                                                  Data Ascii: H@E>"[_ybd@<H7rc|VetRx=,iF_!~vj5s,yL/[g{QosVz%{A|PSeC)PYzSZ/]E?kINr|Pg!\2-;@&Lb<ma
                                                  Jul 22, 2024 12:51:59.135691881 CEST1236INData Raw: 51 1f 5f 95 40 e0 2f 2f b3 58 36 a8 5f 26 2b c1 d7 d8 86 95 ec 9b 23 f0 6b a3 48 55 63 47 ab 98 a2 7c a9 9d 44 46 9a cb 72 d4 ab 80 27 62 e2 20 b8 23 fe ab f6 c3 e1 79 ff 0e d6 3c ae d6 7b e4 a2 37 6f 8b fd 67 76 72 8f 8e e1 72 fa 02 77 a5 81 f5
                                                  Data Ascii: Q_@//X6_&+#kHUcG|DFr'b #y<{7ogvrrwq&PsTo=D8?^7(Xg@1~;sJa\o%PX=$cvb7fS:."$qC!QFmfWCW#H]WNsiz %Na
                                                  Jul 22, 2024 12:51:59.135704994 CEST1236INData Raw: b0 67 d8 a1 30 25 3f 02 55 01 20 6a 51 4c 25 98 eb 97 f9 7e 66 ee d7 b1 f9 f9 c8 52 7e e9 cc 8c e0 85 81 9e 75 92 0d 4f 55 71 18 6b 3b 1f c1 38 42 6b c9 86 6d cb de b0 bc b5 62 17 da 81 40 69 af 0f ae 34 73 51 45 5a 4f 43 9b dc 83 af 7b a1 89 68
                                                  Data Ascii: g0%?U jQL%~fR~uOUqk;8Bkmb@i4sQEZOC{h'VuuDyznvDn(&J;Px=Uc05;VT7!X<lA"}#&7qB(m5-r#N)4z7Axi)8
                                                  Jul 22, 2024 12:51:59.135716915 CEST1236INData Raw: 40 4c 5f 22 a6 8e 97 9a b0 ae 42 00 ee 93 fe be c4 67 bd a1 03 61 4e 84 cb a0 67 6a e2 91 dc 77 40 da 04 53 1c 7e 5e 16 ac 6c 1f ad 21 43 29 ae 3c b5 6d 41 17 ce 99 37 75 7e 83 67 64 da 98 5f 52 48 92 39 2f a2 7b 79 5a a9 1c 84 29 a1 75 fe 35 2d
                                                  Data Ascii: @L_"BgaNgjw@S~^l!C)<mA7u~gd_RH9/{yZ)u5-U|1.rwx#x{LOmV>y)YT+h"j^mf}xmk{KE[.ntTv#odHsfIu4@/=i ,Dm4%,],>A3
                                                  Jul 22, 2024 12:51:59.135729074 CEST1236INData Raw: a4 75 6b 9d 8e 72 bf 44 65 cd 9c 9a 81 c2 f5 91 b3 95 bd 7b f5 9b de 51 be c3 87 77 77 67 95 16 8e 08 8e 1a 8e 6e c8 38 25 3e bd 63 08 bf 5a 34 ee d4 84 0d 42 59 77 2e 68 0a cb 58 92 56 1e 99 7e 84 53 66 25 79 5a d7 07 7c 54 81 63 e7 ae b9 a1 c5
                                                  Data Ascii: ukrDe{Qwwgn8%>cZ4BYw.hXV~Sf%yZ|Tc&=0q5WKl\<U9$DW`+R ]m-68j5a.|sOB~1zc[ugQ>Tv~Fa&<pX caENsE0aUC3WE4
                                                  Jul 22, 2024 12:51:59.136146069 CEST1236INData Raw: 90 f9 3e cc a5 15 56 a3 fe af c3 ae f4 bf 6c 0a 0a b9 c0 08 ad a0 b3 98 77 db d1 2a a8 8c 8b 5c 92 11 d5 ff b8 b8 3d fa 21 dd 30 57 52 0f 90 76 97 46 49 f3 b0 f5 1b b1 d7 21 08 dd d8 77 eb 88 74 07 5c 0f f6 4f 41 ea 5c 09 37 2b b0 f3 16 f6 1c 9c
                                                  Data Ascii: >Vlw*\=!0WRvFI!wt\OA\7+y;#+KsF14:FD[Re e#Hd5I.*p{o.H'*|a2iZ.Yp?X=[I\V~^{z7F: G5C*w 0sB
                                                  Jul 22, 2024 12:51:59.136157990 CEST1236INData Raw: 1e b1 86 60 62 c7 ed 7f be af 7b 96 5f 3d 9d 9d 0b 56 26 89 40 3d 3d 97 72 1b ff ea ff 35 46 a1 b9 be f8 fb 17 02 f9 23 5a 8c 2f 75 73 1d 7f e5 15 20 69 d1 52 03 6b f3 fa 6b 65 c5 b8 c6 cd 06 e9 35 8a c7 49 1e 7f 22 66 29 5b 8c 7b b9 3b fa e7 df
                                                  Data Ascii: `b{_=V&@==r5F#Z/us iRkke5I"f)[{;5j0F7$v4Jo4c+;J|#0,N9Mu'l^DF+iL4\WB>To*+hiZa;;-c.T12=ZLXZbdBNRy
                                                  Jul 22, 2024 12:51:59.140402079 CEST1236INData Raw: e9 f9 49 6f 29 45 36 42 64 47 c0 f6 2b 3b 0d 4e 0b 0c 4f 75 f7 e1 a9 d9 62 7e b0 9e a9 0d 23 ac 38 b6 3e 0a 62 8b 00 d4 53 2a a0 b4 00 65 cd d9 c4 7d d3 d0 be 79 36 da 1f 52 38 aa 3e 71 45 bc 26 08 37 85 56 e2 ac 04 06 4f 33 f9 f7 c0 c6 d0 a7 69
                                                  Data Ascii: Io)E6BdG+;NOub~#8>bS*e}y6R8>qE&7VO3iGxK'~V~GP)s&KicA]YbA`>Y<xCbDs-H:J0S+9y h8.7BmJPl/T5(^,Ke}g#:zEf
                                                  Jul 22, 2024 12:51:59.433389902 CEST89OUTGET /notifications/download/rt/ActiveFeatures.zip HTTP/1.1
                                                  Host: rt.webcompanion.com
                                                  Jul 22, 2024 12:51:59.538541079 CEST1236INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:51:59 GMT
                                                  Content-Type: application/zip
                                                  Content-Length: 17770
                                                  Connection: keep-alive
                                                  ETag: "1817264281"
                                                  Last-Modified: Mon, 17 Jun 2024 14:26:00 GMT
                                                  CF-Cache-Status: HIT
                                                  Age: 248
                                                  Expires: Mon, 22 Jul 2024 14:51:59 GMT
                                                  Cache-Control: public, max-age=14400
                                                  Accept-Ranges: bytes
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e0f0caa6189d-EWR
                                                  Data Raw: 50 4b 03 04 14 00 01 00 08 00 3a 3d 41 58 37 5c 92 30 c0 44 00 00 72 cc 04 00 12 00 00 00 41 63 74 69 76 65 46 65 61 74 75 72 65 73 2e 74 78 74 a0 9b 2b 93 83 40 fc 73 6a 70 bb 23 a6 14 85 19 db 7f 9e 92 13 c4 c9 4b 31 fb 85 fc 04 d8 12 02 3b 04 ac 2f 2d a7 ef 1b ac a6 c7 02 06 b4 5b a6 5b 13 0e 41 d0 84 42 9e c4 12 82 c4 65 78 71 e8 aa bd c0 29 37 0e 92 20 37 3a 5e 80 b9 ea 89 67 13 4b 20 f3 b5 94 21 69 16 62 55 a7 56 c8 73 d6 98 fb 8e 87 4f 24 76 37 7c 65 5c b2 1b 8e b9 80 ec 57 ff e0 e4 27 f3 f8 a6 5a fd 64 76 65 55 2a 6f f6 52 a0 08 3e a0 25 15 8b a9 77 8c c3 ec 24 f2 2d 3b af 9d 9b 51 9b 18 ac bc 34 19 54 96 8c 06 fa 06 ee c4 66 24 01 2b 54 a6 24 df 26 9d 51 3f 39 c3 e6 99 06 23 22 f6 36 3e fd a1 dd d3 fd e7 0c c4 ee 30 c1 10 eb 15 6f 83 40 da df 9f 6a f9 28 cc 2a 69 29 08 48 22 1d 42 8d 0c 31 60 e4 3d a8 cd 26 30 96 ac 49 38 43 c3 52 9f a5 ce 22 79 e3 be 0a 9e 01 63 4d 37 97 67 e4 fb 80 e3 09 fa be ab d9 9e 5c 40 05 91 01 0d 38 db e2 06 78 94 45 0d 03 34 8b 82 1d 53 dc 7c 49 81 9f 81 18 1d 79 [TRUNCATED]
                                                  Data Ascii: PK:=AX7\0DrActiveFeatures.txt+@sjp#K1;/-[[ABexq)7 7:^gK !ibUVsO$v7|e\W'ZdveU*oR>%w$-;Q4Tf$+T$&Q?9#"6>0o@j(*i)H"B1`=&0I8CR"ycM7g\@8xE4S|Iyy7~%W?7!JhrfdB^OQ"IDG!o+^6VY6<wNNPP2\?EY^j>i[p`L_sXq>#~nY>LO9rsAS+g5FBiqgUf{*vBUBqTpKF;/[&WIAPuS-&v3!Y'bMl{[:5sVL3om7'O4'(V#:\#VOO&<s}Yd|<P@jM%O5lHs^SYfaCDDwVcE8~cETL0YIEd@._PQ~w\fAT7Kiywq|+#]N">(A0bU-lDM#ETYa-h}ep<)
                                                  Jul 22, 2024 12:52:07.300848007 CEST105OUTGET /notifications/download/rt/postrun/prod/v1/FeatureActions.zip HTTP/1.1
                                                  Host: rt.webcompanion.com
                                                  Jul 22, 2024 12:52:07.406536102 CEST1236INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:52:07 GMT
                                                  Content-Type: application/zip
                                                  Content-Length: 9891
                                                  Connection: keep-alive
                                                  ETag: "3914547665"
                                                  Last-Modified: Tue, 11 Jun 2024 17:24:23 GMT
                                                  CF-Cache-Status: HIT
                                                  Age: 1154
                                                  Expires: Mon, 22 Jul 2024 14:52:07 GMT
                                                  Cache-Control: public, max-age=14400
                                                  Accept-Ranges: bytes
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e121fe97189d-EWR
                                                  Data Raw: 50 4b 03 04 14 00 01 00 08 00 ab 49 9a 58 36 05 95 82 f9 25 00 00 95 d3 03 00 12 00 00 00 46 65 61 74 75 72 65 41 63 74 69 6f 6e 73 2e 74 78 74 42 86 e3 50 5a 1b 0d e0 26 da 0d b9 4b a8 e4 a6 b2 45 39 87 02 b4 28 30 cc 70 d8 a2 c7 0b 87 a6 9a 3c 61 7d d4 39 e1 d2 be ab dd 67 1e 3c e4 ac 44 87 29 39 84 e1 ae be 6b 40 34 79 e5 cb 27 21 b4 93 bc e5 9a 3d 7e bd 5a 6b 60 31 4a 12 a1 ee ed 13 c4 92 32 1c 5b 92 ed bc 29 fb 5f d4 93 de d7 2c d5 7b 46 46 3f 10 71 ec c2 02 3b d4 66 4c a9 2a 0f d6 f6 3d bc db 88 31 ff b5 b5 97 8a b8 5a b0 49 f0 c5 ee 0e ff 2d 3e 07 6d 8f ce 0d 25 f3 3e 60 e8 93 c4 6d 0c cb e9 b3 fa 88 08 e4 6c a2 2c cc 9a 73 88 a3 aa 85 57 e7 49 cf 97 04 54 50 fb 97 75 2a 82 3b af cb 86 d1 92 a8 f1 50 85 f1 a1 0a 78 78 92 68 16 c2 67 10 6c 24 ba 16 4d a2 5d 49 7f 7d e4 f8 ae b6 92 95 80 95 d7 f4 6f 92 bd 67 d0 c5 c9 d9 be ea 82 fc 5a 96 4c df db 35 b1 c2 3f c3 9c 42 82 04 5a 4c de c9 78 10 b6 75 12 0d eb 94 6b 55 a5 31 19 50 1e d7 34 e8 6d e4 bf 57 85 c2 f1 06 2d 4e 74 66 0b 3f bd d6 8c 49 2d [TRUNCATED]
                                                  Data Ascii: PKIX6%FeatureActions.txtBPZ&KE9(0p<a}9g<D)9k@4y'!=~Zk`1J2[)_,{FF?q;fL*=1ZI->m%>`ml,sWITPu*;Pxxhgl$M]I}ogZL5?BZLxukU1P4mW-Ntf?I-/!w90/^%X-.0(mVPn]=cr_A$<BWye2bK{jOdxZv@[NLDU|_1Sp~Paq>})$qH7,hm)Ias<TWu$?Ey@Xu@5*UJLja0v^Q (O}k+fwvfzbhFE<plLWZI*.4#,X`=beVW)W*;Q,'x>Jq _T<ea&wo/RM2`rXFEc:A97A4FT0@wuJIBd5Bhw}oE@N=Z$)6@sXru%eIg5ruA:81&"e_'B


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  9192.168.2.84975064.18.87.82807100C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  TimestampBytes transferredDirectionData
                                                  Jul 22, 2024 12:52:01.189567089 CEST208OUTPOST /components.asmx HTTP/1.1
                                                  Content-Type: text/xml; charset=utf-8
                                                  SOAPAction: "http://tempuri.org/GetComponentsInfo"
                                                  Host: wc-update-service.lavasoft.com
                                                  Content-Length: 342
                                                  Connection: Keep-Alive
                                                  Jul 22, 2024 12:52:01.189626932 CEST342OUTData Raw: 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 3a 42 6f 64 79 20 78 6d 6c 6e 73 3a 78 73 69 3d
                                                  Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><GetComponentsInfo xmlns="http://tempuri.org/"><request><Platform>prod</
                                                  Jul 22, 2024 12:52:04.672883987 CEST1236INHTTP/1.1 200 OK
                                                  Server: nginx
                                                  Date: Mon, 22 Jul 2024 10:52:04 GMT
                                                  Content-Type: text/xml; charset=utf-8
                                                  Content-Length: 1461
                                                  Connection: keep-alive
                                                  Cache-Control: private, max-age=0
                                                  X-AspNet-Version: 4.0.30319
                                                  X-Powered-By: ASP.NET
                                                  Access-Control-Allow-Origin: http://webcompanion.com
                                                  Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 6f 61 70 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 78 6d 6c 6e 73 3a 78 73 69 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 2d 69 6e 73 74 61 6e 63 65 22 20 78 6d 6c 6e 73 3a 78 73 64 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 22 3e 3c 73 6f 61 70 3a 42 6f 64 79 3e 3c 47 65 74 43 6f 6d 70 6f 6e 65 6e 74 73 49 6e 66 6f 52 65 73 70 6f 6e 73 65 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 74 65 6d 70 75 72 69 2e 6f 72 67 2f 22 3e 3c 47 65 74 43 6f 6d 70 6f 6e 65 6e 74 73 49 6e 66 6f 52 65 73 75 6c 74 3e 3c 43 6f 6d 70 6f 6e 65 6e 74 73 3e 3c 43 6f 6d 70 6f 6e 65 6e 74 49 6e 66 6f 52 65 73 70 6f 6e 73 65 3e 3c 4e 61 6d 65 [TRUNCATED]
                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body><GetComponentsInfoResponse xmlns="http://tempuri.org/"><GetComponentsInfoResult><Components><ComponentInfoResponse><Name>installer</Name><Version>9.1.0.993</Version><DownloadUrl>http://wcdownloadercdn.lavasoft.com/9.1.0.993/Installer.exe</DownloadUrl></ComponentInfoResponse><ComponentInfoResponse><Name>application</Name><Version>2.1.1117.2317</Version><DownloadUrl>http://wcdownloadercdn.lavasoft.com/9.1.0.993/Installer.msi</DownloadUrl></ComponentInfoResponse><ComponentInfoResponse><Name>tcpservice</Name><Version>2.3.4.7</Version><DownloadUrl>http://wcdownloadercdn.lavasoft.com/9.1.0.993/TcpService.msi</DownloadUrl></ComponentInfoResponse><ComponentInfoResponse><Name>42f00399-529e-4915-83ce-5b4c18049fc8</Name><V
                                                  Jul 22, 2024 12:52:04.672910929 CEST522INData Raw: 65 72 73 69 6f 6e 3e 39 2e 31 2e 30 2e 39 39 33 3c 2f 56 65 72 73 69 6f 6e 3e 3c 44 6f 77 6e 6c 6f 61 64 55 72 6c 3e 68 74 74 70 3a 2f 2f 77 63 64 6f 77 6e 6c 6f 61 64 65 72 63 64 6e 2e 6c 61 76 61 73 6f 66 74 2e 63 6f 6d 2f 39 2e 31 2e 30 2e 39
                                                  Data Ascii: ersion>9.1.0.993</Version><DownloadUrl>http://wcdownloadercdn.lavasoft.com/9.1.0.993/WcInstaller.exe</DownloadUrl></ComponentInfoResponse><ComponentInfoResponse><Name>webcompanion</Name><Version>9.1.0.993</Version><DownloadUrl>http://wcdownloa


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  10192.168.2.849751104.19.208.152807100C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  TimestampBytes transferredDirectionData
                                                  Jul 22, 2024 12:52:04.795695066 CEST106OUTGET /version_logs?json=true&version=9.1.0.993 HTTP/1.1
                                                  Host: webcompanion.com
                                                  Connection: Keep-Alive
                                                  Jul 22, 2024 12:52:05.325690985 CEST629INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:52:05 GMT
                                                  Content-Type: text/html; charset=UTF-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  X-Powered-By: PHP/7.2.34
                                                  Vary: Accept-Encoding
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e114ac004321-EWR
                                                  Data Raw: 31 35 38 0d 0a 3c 62 72 20 2f 3e 0a 3c 62 3e 57 61 72 6e 69 6e 67 3c 2f 62 3e 3a 20 20 63 6f 75 6e 74 28 29 3a 20 50 61 72 61 6d 65 74 65 72 20 6d 75 73 74 20 62 65 20 61 6e 20 61 72 72 61 79 20 6f 72 20 61 6e 20 6f 62 6a 65 63 74 20 74 68 61 74 20 69 6d 70 6c 65 6d 65 6e 74 73 20 43 6f 75 6e 74 61 62 6c 65 20 69 6e 20 3c 62 3e 2f 76 61 72 2f 77 77 77 2f 68 74 6d 6c 2f 69 6e 63 6c 75 64 65 73 2f 66 75 6e 63 74 69 6f 6e 73 2e 70 68 70 3c 2f 62 3e 20 6f 6e 20 6c 69 6e 65 20 3c 62 3e 39 31 3c 2f 62 3e 3c 62 72 20 2f 3e 0a 3c 62 72 20 2f 3e 0a 3c 62 3e 57 61 72 6e 69 6e 67 3c 2f 62 3e 3a 20 20 63 6f 75 6e 74 28 29 3a 20 50 61 72 61 6d 65 74 65 72 20 6d 75 73 74 20 62 65 20 61 6e 20 61 72 72 61 79 20 6f 72 20 61 6e 20 6f 62 6a 65 63 74 20 74 68 61 74 20 69 6d 70 6c 65 6d 65 6e 74 73 20 43 6f 75 6e 74 61 62 6c 65 20 69 6e 20 3c 62 3e 2f 76 61 72 2f 77 77 77 2f 68 74 6d 6c 2f 69 6e 63 6c 75 64 65 73 2f 66 75 6e 63 74 69 6f 6e 73 2e 70 68 70 3c 2f 62 3e 20 6f 6e 20 6c 69 6e 65 20 3c 62 3e 39 38 3c 2f 62 3e [TRUNCATED]
                                                  Data Ascii: 158<br /><b>Warning</b>: count(): Parameter must be an array or an object that implements Countable in <b>/var/www/html/includes/functions.php</b> on line <b>91</b><br /><br /><b>Warning</b>: count(): Parameter must be an array or an object that implements Countable in <b>/var/www/html/includes/functions.php</b> on line <b>98</b><br />null0


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  11192.168.2.849752104.19.159.224802660C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  TimestampBytes transferredDirectionData
                                                  Jul 22, 2024 12:52:06.376092911 CEST113OUTGET /notifications/download/rt/ActiveFeatures.zip HTTP/1.1
                                                  Host: rt.webcompanion.com
                                                  Connection: Keep-Alive
                                                  Jul 22, 2024 12:52:06.856714964 CEST1236INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:52:06 GMT
                                                  Content-Type: application/zip
                                                  Content-Length: 17770
                                                  Connection: keep-alive
                                                  ETag: "1817264281"
                                                  Last-Modified: Mon, 17 Jun 2024 14:26:00 GMT
                                                  CF-Cache-Status: HIT
                                                  Age: 255
                                                  Expires: Mon, 22 Jul 2024 14:52:06 GMT
                                                  Cache-Control: public, max-age=14400
                                                  Accept-Ranges: bytes
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e11e79b00f81-EWR
                                                  Data Raw: 50 4b 03 04 14 00 01 00 08 00 3a 3d 41 58 37 5c 92 30 c0 44 00 00 72 cc 04 00 12 00 00 00 41 63 74 69 76 65 46 65 61 74 75 72 65 73 2e 74 78 74 a0 9b 2b 93 83 40 fc 73 6a 70 bb 23 a6 14 85 19 db 7f 9e 92 13 c4 c9 4b 31 fb 85 fc 04 d8 12 02 3b 04 ac 2f 2d a7 ef 1b ac a6 c7 02 06 b4 5b a6 5b 13 0e 41 d0 84 42 9e c4 12 82 c4 65 78 71 e8 aa bd c0 29 37 0e 92 20 37 3a 5e 80 b9 ea 89 67 13 4b 20 f3 b5 94 21 69 16 62 55 a7 56 c8 73 d6 98 fb 8e 87 4f 24 76 37 7c 65 5c b2 1b 8e b9 80 ec 57 ff e0 e4 27 f3 f8 a6 5a fd 64 76 65 55 2a 6f f6 52 a0 08 3e a0 25 15 8b a9 77 8c c3 ec 24 f2 2d 3b af 9d 9b 51 9b 18 ac bc 34 19 54 96 8c 06 fa 06 ee c4 66 24 01 2b 54 a6 24 df 26 9d 51 3f 39 c3 e6 99 06 23 22 f6 36 3e fd a1 dd d3 fd e7 0c c4 ee 30 c1 10 eb 15 6f 83 40 da df 9f 6a f9 28 cc 2a 69 29 08 48 22 1d 42 8d 0c 31 60 e4 3d a8 cd 26 30 96 ac 49 38 43 c3 52 9f a5 ce 22 79 e3 be 0a 9e 01 63 4d 37 97 67 e4 fb 80 e3 09 fa be ab d9 9e 5c 40 05 91 01 0d 38 db e2 06 78 94 45 0d 03 34 8b 82 1d 53 dc 7c 49 81 9f 81 18 1d 79 [TRUNCATED]
                                                  Data Ascii: PK:=AX7\0DrActiveFeatures.txt+@sjp#K1;/-[[ABexq)7 7:^gK !ibUVsO$v7|e\W'ZdveU*oR>%w$-;Q4Tf$+T$&Q?9#"6>0o@j(*i)H"B1`=&0I8CR"ycM7g\@8xE4S|Iyy7~%W?7!JhrfdB^OQ"IDG!o+^6VY6<wNNPP2\?EY^j>i[p`L_sXq>#~nY>LO9rsAS+g5FBiqgUf{*vBUBqTpKF;/[&WIAPuS-&v3!Y'bMl{[:5sVL3om7'O4'(V#:\#VOO&<s}Yd|<P@jM%O5lHs^SYfaCDDwVcE8~cETL0YIEd@._PQ~w\fAT7Kiywq|+#]N">(A0bU-lDM#ETYa-h}ep<)
                                                  Jul 22, 2024 12:52:06.856731892 CEST1236INData Raw: 2c c3 e9 0b b5 94 79 f6 cd ab db ef 95 d6 d1 32 bc 03 27 b0 a7 67 bb 67 5c 5f 47 4a 97 f1 f7 fc 80 a5 3d 5e cb d2 21 fd 16 4d f6 ed 94 f2 d0 41 ec b6 8d 9b cb af 44 4b 5e 3f 92 fc ae 08 db 64 a5 1d 86 78 29 a2 a9 c5 2d c1 7a 36 38 e0 81 84 1a 34
                                                  Data Ascii: ,y2'gg\_GJ=^!MADK^?dx)-z684R|YSgynUf1qbEFO?'[a`bF\rsZL0q\vgrP:ZbPw^l^|Vov^'D0\mJh*I{X14
                                                  Jul 22, 2024 12:52:06.856743097 CEST1236INData Raw: a8 e3 09 b7 93 e7 ef 55 87 a5 e2 4a 0e 55 3c 50 4f 28 65 ca 9a de 34 88 d5 59 ab cd 64 54 2a 94 93 b6 b8 c7 f1 34 a6 fe 9a 9e 58 e1 5b 68 04 08 88 1d 07 7a 22 8c f4 8b 1a 37 f4 2d 18 02 f7 c9 7a e3 8d 30 e6 e5 c6 72 4a b5 33 12 97 f2 9b 9f 3d 2b
                                                  Data Ascii: UJU<PO(e4YdT*4X[hz"7-z0rJ3=+I:QrVjeAU|0e r.-nFs%U@_G~W}E^ns]W6.Jg4)Kk~9"4{i#W}_&L'HNO
                                                  Jul 22, 2024 12:52:06.856837988 CEST1236INData Raw: 48 a2 40 45 ad 3e 10 cc d4 22 b8 18 aa b5 83 15 5b 5f 79 62 da f6 64 de 89 40 91 c6 e3 e6 3c 48 f6 f2 37 d0 b4 a2 87 ed 8b 72 11 f9 fa 1d 84 ca dd 63 7c e6 56 65 74 e8 c3 ce 0a 52 78 3d f5 2c 69 ad 82 46 5f 21 19 b5 ed d3 bf 7e 98 76 8d 6a 94 b7
                                                  Data Ascii: H@E>"[_ybd@<H7rc|VetRx=,iF_!~vj5s,yL/[g{QosVz%{A|PSeC)PYzSZ/]E?kINr|Pg!\2-;@&Lb<ma
                                                  Jul 22, 2024 12:52:06.856904984 CEST1236INData Raw: c0 ef ec e3 a3 78 02 50 1e 6e 18 3a c8 ef 40 01 47 df 2f 67 75 81 ee e7 ed 5c 86 a7 cd ff 50 b9 61 08 00 fa a5 b9 0e 2f 50 8f 87 fd 80 44 ec bf 7d 28 a2 50 86 c4 d0 81 34 04 f9 9d 19 90 5d 6c c8 6f a3 82 62 5f 8a 77 97 ae e6 15 32 ec 5b 3c d5 d1
                                                  Data Ascii: xPn:@G/gu\Pa/PD}(P4]lob_w2[<Pz|<gzX],af!:$uMs)m74Tf8Q0Ee@>i~p#D'uma{4q-x.{W)x,0Fm'*wT
                                                  Jul 22, 2024 12:52:06.856918097 CEST1120INData Raw: 35 ea fe e8 9b 44 1e 62 80 9f 85 5d b4 ed 54 9a 62 26 5d f9 5f e9 66 31 79 1a ec 5d eb 3b 42 de 2a 12 2f 99 5a 51 ad 2c 4e fc b2 cd 25 8a df 0b d7 07 24 1e 16 60 15 f2 23 fe 84 ec 28 ca cb ea 25 a1 6f 30 22 39 cc 4f eb 80 ec b0 87 73 03 c9 e2 6f
                                                  Data Ascii: 5Db]Tb&]_f1y];B*/ZQ,N%$`#(%o0"9OsosUN^m9N)&8))QK}b9"@T~yu?V7j7y)vJ_EEW58X+:CP~T,{/s" a*=_l
                                                  Jul 22, 2024 12:52:06.856928110 CEST1236INData Raw: b8 2f cf 68 1d 39 85 f4 e4 07 46 72 78 75 75 d2 cb 04 48 3f 6c d1 2a 40 d6 12 13 d2 5d 70 a5 40 36 d4 2b 04 e5 5d 94 ab d5 dc 0d 0c 1d a7 16 8c b3 61 ff 48 aa 28 42 89 d3 8d 07 b3 4b 9c 4d 9c 08 ad 31 33 66 c0 64 38 c2 34 af d9 db 1f 71 ad 5a 2f
                                                  Data Ascii: /h9FrxuuH?l*@]p@6+]aH(BKM13fd84qZ/<SYsb#&&xB+//sfLd/@IE'?:j<hU XcNv9q@i[[NmP+=127ZS$rHxh7[m15
                                                  Jul 22, 2024 12:52:06.856939077 CEST1236INData Raw: 18 b4 f1 0c ad 92 9f 06 d4 93 14 51 8d 3e db 45 e9 f7 89 d8 98 c6 99 51 3d 6d d6 35 c2 83 bc a8 76 69 e9 01 9a 6a 89 d9 d1 1c be 3a 4c 24 9d 83 9c 0d 14 c1 3c 09 60 d3 28 f7 db d3 d2 07 e3 22 19 5e 98 ef ec 2c a1 1b 39 83 48 6e 0d b7 7a bb 46 83
                                                  Data Ascii: Q>EQ=m5vij:L$<`("^,9HnzF*Ci":<DKa@ife(A=}3Mm-Wm|r A_H*,%-0Xh[gT6_UwvXY?+B)o\B_I&UPj?n,\_%N&gFx!7^"*w
                                                  Jul 22, 2024 12:52:06.857362986 CEST1236INData Raw: fe 72 1e a8 a1 9e 93 3f fa f1 61 84 c8 0a 61 ed 5f db c2 55 ca 02 49 63 ab 41 0c cd b1 f0 dc f6 16 85 94 79 d1 3b b2 28 17 69 40 2f 88 db e2 13 f9 8a b9 ad 95 ef 00 30 1f 5c db f1 fe 55 3c 0a ee 24 55 d8 40 90 c3 e1 72 a4 2d 34 f4 e0 f6 19 be a7
                                                  Data Ascii: r?aa_UIcAy;(i@/0\U<$U@r-43y15A-fS!7 j_x8Zn7*MRS|)9m"Y$'mmq1Ar}sWC@T^n2I%j+r|kpjq%
                                                  Jul 22, 2024 12:52:06.857374907 CEST1236INData Raw: 5c a8 f8 45 73 b2 03 b5 6f c0 c6 6e b2 0b 85 13 74 f6 12 69 3c 09 02 83 18 59 c2 af af a3 9a d0 63 39 fe ef 55 4e 27 54 9a 85 41 85 7a 53 ef b7 5b cc cc d3 fb 1a b6 9e 39 f3 39 3b 91 9b 83 b3 bf 3a 40 bd e0 12 79 1e c9 dd f6 81 c4 d1 ac f2 58 32
                                                  Data Ascii: \Esonti<Yc9UN'TAzS[99;:@yX2aHVC0(%'6k^"p,Z$Wv0`Jhb33J6=gV3}=,.ym.}O>><'wK\U}&El?<t
                                                  Jul 22, 2024 12:52:06.861732006 CEST1236INData Raw: 45 48 71 ff 5c c2 3d ff f3 bd 2a 2c f9 c3 4c 48 fd d8 e0 2b 7c c5 34 b4 b8 da 2c 05 6e 4b 22 3b 2e d0 b7 d0 40 7e 07 df b3 e2 4d 1c 2c 28 06 79 fc 19 66 59 f9 47 4f a8 38 7e fd 14 d7 23 80 c7 d6 9e 17 38 01 6b d0 a7 25 27 0e fd 88 df b9 72 d2 ce
                                                  Data Ascii: EHq\=*,LH+|4,nK";.@~M,(yfYGO8~#8k%'r$UGDB_s/Z#GrBk3'dfguNO/V&HY^{~AECCE7MSBD3*6k,Fq/D:-E|OylOR-BS)2,
                                                  Jul 22, 2024 12:52:07.207633972 CEST89OUTGET /notifications/download/rt/ActiveFeatures.zip HTTP/1.1
                                                  Host: rt.webcompanion.com
                                                  Jul 22, 2024 12:52:07.309704065 CEST1236INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:52:07 GMT
                                                  Content-Type: application/zip
                                                  Content-Length: 17770
                                                  Connection: keep-alive
                                                  ETag: "1817264281"
                                                  Last-Modified: Mon, 17 Jun 2024 14:26:00 GMT
                                                  CF-Cache-Status: HIT
                                                  Age: 256
                                                  Expires: Mon, 22 Jul 2024 14:52:07 GMT
                                                  Cache-Control: public, max-age=14400
                                                  Accept-Ranges: bytes
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e1215b5a0f81-EWR
                                                  Data Raw: 50 4b 03 04 14 00 01 00 08 00 3a 3d 41 58 37 5c 92 30 c0 44 00 00 72 cc 04 00 12 00 00 00 41 63 74 69 76 65 46 65 61 74 75 72 65 73 2e 74 78 74 a0 9b 2b 93 83 40 fc 73 6a 70 bb 23 a6 14 85 19 db 7f 9e 92 13 c4 c9 4b 31 fb 85 fc 04 d8 12 02 3b 04 ac 2f 2d a7 ef 1b ac a6 c7 02 06 b4 5b a6 5b 13 0e 41 d0 84 42 9e c4 12 82 c4 65 78 71 e8 aa bd c0 29 37 0e 92 20 37 3a 5e 80 b9 ea 89 67 13 4b 20 f3 b5 94 21 69 16 62 55 a7 56 c8 73 d6 98 fb 8e 87 4f 24 76 37 7c 65 5c b2 1b 8e b9 80 ec 57 ff e0 e4 27 f3 f8 a6 5a fd 64 76 65 55 2a 6f f6 52 a0 08 3e a0 25 15 8b a9 77 8c c3 ec 24 f2 2d 3b af 9d 9b 51 9b 18 ac bc 34 19 54 96 8c 06 fa 06 ee c4 66 24 01 2b 54 a6 24 df 26 9d 51 3f 39 c3 e6 99 06 23 22 f6 36 3e fd a1 dd d3 fd e7 0c c4 ee 30 c1 10 eb 15 6f 83 40 da df 9f 6a f9 28 cc 2a 69 29 08 48 22 1d 42 8d 0c 31 60 e4 3d a8 cd 26 30 96 ac 49 38 43 c3 52 9f a5 ce 22 79 e3 be 0a 9e 01 63 4d 37 97 67 e4 fb 80 e3 09 fa be ab d9 9e 5c 40 05 91 01 0d 38 db e2 06 78 94 45 0d 03 34 8b 82 1d 53 dc 7c 49 81 9f 81 18 1d 79 [TRUNCATED]
                                                  Data Ascii: PK:=AX7\0DrActiveFeatures.txt+@sjp#K1;/-[[ABexq)7 7:^gK !ibUVsO$v7|e\W'ZdveU*oR>%w$-;Q4Tf$+T$&Q?9#"6>0o@j(*i)H"B1`=&0I8CR"ycM7g\@8xE4S|Iyy7~%W?7!JhrfdB^OQ"IDG!o+^6VY6<wNNPP2\?EY^j>i[p`L_sXq>#~nY>LO9rsAS+g5FBiqgUf{*vBUBqTpKF;/[&WIAPuS-&v3!Y'bMl{[:5sVL3om7'O4'(V#:\#VOO&<s}Yd|<P@jM%O5lHs^SYfaCDDwVcE8~cETL0YIEd@._PQ~w\fAT7Kiywq|+#]N">(A0bU-lDM#ETYa-h}ep<)


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  12192.168.2.84975464.18.87.82802660C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  TimestampBytes transferredDirectionData
                                                  Jul 22, 2024 12:52:08.865015984 CEST208OUTPOST /components.asmx HTTP/1.1
                                                  Content-Type: text/xml; charset=utf-8
                                                  SOAPAction: "http://tempuri.org/GetComponentsInfo"
                                                  Host: wc-update-service.lavasoft.com
                                                  Content-Length: 342
                                                  Connection: Keep-Alive
                                                  Jul 22, 2024 12:52:08.865015984 CEST342OUTData Raw: 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 3a 42 6f 64 79 20 78 6d 6c 6e 73 3a 78 73 69 3d
                                                  Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><GetComponentsInfo xmlns="http://tempuri.org/"><request><Platform>prod</
                                                  Jul 22, 2024 12:52:09.353449106 CEST1236INHTTP/1.1 200 OK
                                                  Server: nginx
                                                  Date: Mon, 22 Jul 2024 10:52:09 GMT
                                                  Content-Type: text/xml; charset=utf-8
                                                  Content-Length: 1461
                                                  Connection: keep-alive
                                                  Cache-Control: private, max-age=0
                                                  X-AspNet-Version: 4.0.30319
                                                  X-Powered-By: ASP.NET
                                                  Access-Control-Allow-Origin: http://webcompanion.com
                                                  Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 6f 61 70 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 78 6d 6c 6e 73 3a 78 73 69 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 2d 69 6e 73 74 61 6e 63 65 22 20 78 6d 6c 6e 73 3a 78 73 64 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 22 3e 3c 73 6f 61 70 3a 42 6f 64 79 3e 3c 47 65 74 43 6f 6d 70 6f 6e 65 6e 74 73 49 6e 66 6f 52 65 73 70 6f 6e 73 65 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 74 65 6d 70 75 72 69 2e 6f 72 67 2f 22 3e 3c 47 65 74 43 6f 6d 70 6f 6e 65 6e 74 73 49 6e 66 6f 52 65 73 75 6c 74 3e 3c 43 6f 6d 70 6f 6e 65 6e 74 73 3e 3c 43 6f 6d 70 6f 6e 65 6e 74 49 6e 66 6f 52 65 73 70 6f 6e 73 65 3e 3c 4e 61 6d 65 [TRUNCATED]
                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body><GetComponentsInfoResponse xmlns="http://tempuri.org/"><GetComponentsInfoResult><Components><ComponentInfoResponse><Name>installer</Name><Version>9.1.0.993</Version><DownloadUrl>http://wcdownloadercdn.lavasoft.com/9.1.0.993/Installer.exe</DownloadUrl></ComponentInfoResponse><ComponentInfoResponse><Name>application</Name><Version>2.1.1117.2317</Version><DownloadUrl>http://wcdownloadercdn.lavasoft.com/9.1.0.993/Installer.msi</DownloadUrl></ComponentInfoResponse><ComponentInfoResponse><Name>tcpservice</Name><Version>2.3.4.7</Version><DownloadUrl>http://wcdownloadercdn.lavasoft.com/9.1.0.993/TcpService.msi</DownloadUrl></ComponentInfoResponse><ComponentInfoResponse><Name>42f00399-529e-4915-83ce-5b4c18049fc8</Name><V
                                                  Jul 22, 2024 12:52:09.353499889 CEST522INData Raw: 65 72 73 69 6f 6e 3e 39 2e 31 2e 30 2e 39 39 33 3c 2f 56 65 72 73 69 6f 6e 3e 3c 44 6f 77 6e 6c 6f 61 64 55 72 6c 3e 68 74 74 70 3a 2f 2f 77 63 64 6f 77 6e 6c 6f 61 64 65 72 63 64 6e 2e 6c 61 76 61 73 6f 66 74 2e 63 6f 6d 2f 39 2e 31 2e 30 2e 39
                                                  Data Ascii: ersion>9.1.0.993</Version><DownloadUrl>http://wcdownloadercdn.lavasoft.com/9.1.0.993/WcInstaller.exe</DownloadUrl></ComponentInfoResponse><ComponentInfoResponse><Name>webcompanion</Name><Version>9.1.0.993</Version><DownloadUrl>http://wcdownloa


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  13192.168.2.849755104.19.208.152802660C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  TimestampBytes transferredDirectionData
                                                  Jul 22, 2024 12:52:09.475594997 CEST106OUTGET /version_logs?json=true&version=9.1.0.993 HTTP/1.1
                                                  Host: webcompanion.com
                                                  Connection: Keep-Alive
                                                  Jul 22, 2024 12:52:09.983284950 CEST629INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:52:09 GMT
                                                  Content-Type: text/html; charset=UTF-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  X-Powered-By: PHP/7.2.34
                                                  Vary: Accept-Encoding
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e131df80c335-EWR
                                                  Data Raw: 31 35 38 0d 0a 3c 62 72 20 2f 3e 0a 3c 62 3e 57 61 72 6e 69 6e 67 3c 2f 62 3e 3a 20 20 63 6f 75 6e 74 28 29 3a 20 50 61 72 61 6d 65 74 65 72 20 6d 75 73 74 20 62 65 20 61 6e 20 61 72 72 61 79 20 6f 72 20 61 6e 20 6f 62 6a 65 63 74 20 74 68 61 74 20 69 6d 70 6c 65 6d 65 6e 74 73 20 43 6f 75 6e 74 61 62 6c 65 20 69 6e 20 3c 62 3e 2f 76 61 72 2f 77 77 77 2f 68 74 6d 6c 2f 69 6e 63 6c 75 64 65 73 2f 66 75 6e 63 74 69 6f 6e 73 2e 70 68 70 3c 2f 62 3e 20 6f 6e 20 6c 69 6e 65 20 3c 62 3e 39 31 3c 2f 62 3e 3c 62 72 20 2f 3e 0a 3c 62 72 20 2f 3e 0a 3c 62 3e 57 61 72 6e 69 6e 67 3c 2f 62 3e 3a 20 20 63 6f 75 6e 74 28 29 3a 20 50 61 72 61 6d 65 74 65 72 20 6d 75 73 74 20 62 65 20 61 6e 20 61 72 72 61 79 20 6f 72 20 61 6e 20 6f 62 6a 65 63 74 20 74 68 61 74 20 69 6d 70 6c 65 6d 65 6e 74 73 20 43 6f 75 6e 74 61 62 6c 65 20 69 6e 20 3c 62 3e 2f 76 61 72 2f 77 77 77 2f 68 74 6d 6c 2f 69 6e 63 6c 75 64 65 73 2f 66 75 6e 63 74 69 6f 6e 73 2e 70 68 70 3c 2f 62 3e 20 6f 6e 20 6c 69 6e 65 20 3c 62 3e 39 38 3c 2f 62 3e [TRUNCATED]
                                                  Data Ascii: 158<br /><b>Warning</b>: count(): Parameter must be an array or an object that implements Countable in <b>/var/www/html/includes/functions.php</b> on line <b>91</b><br /><br /><b>Warning</b>: count(): Parameter must be an array or an object that implements Countable in <b>/var/www/html/includes/functions.php</b> on line <b>98</b><br />null0


                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                  14192.168.2.849768104.16.149.13080
                                                  TimestampBytes transferredDirectionData
                                                  Jul 22, 2024 12:53:26.520497084 CEST186OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 447
                                                  Connection: Keep-Alive
                                                  Jul 22, 2024 12:53:26.526029110 CEST447OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 4d 61 63 68 69 6e 65 49 64 22 3a 22 66 64 64 34 32 65 65 31 2d 38 38 65 39 2d 33 31 34 33 2d 37 66 34 66 2d 62 65 32 63 30 39 36 31 31 36 39 38 22 2c 22 49 6e 73 74 61 6c 6c 49 64 22 3a 22 62 38 65 31 64 30 62 30
                                                  Data Ascii: {"Data": {"MachineId":"fdd42ee1-88e9-3143-7f4f-be2c09611698","InstallId":"b8e1d0b0-b148-462d-8284-94ec0745b3b4","Version":"9.1.0.993","OsVersion":"Microsoft Windows 10 Pro","OsBit":"64","PartnerID":"FZ210427","CampaignID":"","LanguageIso2":nul
                                                  Jul 22, 2024 12:53:27.037102938 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:53:26 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e3136b2e9e1a-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:53:27.065696955 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 569
                                                  Jul 22, 2024 12:53:27.070966005 CEST569OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 4d 61 63 68 69 6e 65 49 64 22 3a 22 66 64 64 34 32 65 65 31 2d 38 38 65 39 2d 33 31 34 33 2d 37 66 34 66 2d 62 65 32 63 30 39 36 31 31 36 39 38 22 2c 22 49 6e 73 74 61 6c 6c 49 64 22 3a 22 62 38 65 31 64 30 62 30
                                                  Data Ascii: {"Data": {"MachineId":"fdd42ee1-88e9-3143-7f4f-be2c09611698","InstallId":"b8e1d0b0-b148-462d-8284-94ec0745b3b4","Version":"9.1.0.993","OsVersion":"Microsoft Windows 10 Pro","OsBit":"64","PartnerID":"FZ210427","CampaignID":"","LanguageIso2":nul
                                                  Jul 22, 2024 12:53:27.194587946 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:53:27 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e3147be09e1a-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:53:27.207288980 CEST162OUTPOST /v1/event-stat-wc?Type=CompleteInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 349
                                                  Jul 22, 2024 12:53:27.219997883 CEST349OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 4d 61 63 68 69 6e 65 49 64 22 3a 22 66 64 64 34 32 65 65 31 2d 38 38 65 39 2d 33 31 34 33 2d 37 66 34 66 2d 62 65 32 63 30 39 36 31 31 36 39 38 22 2c 22 49 6e 73 74 61 6c 6c 49 64 22 3a 22 62 38 65 31 64 30 62 30
                                                  Data Ascii: {"Data": {"MachineId":"fdd42ee1-88e9-3143-7f4f-be2c09611698","InstallId":"b8e1d0b0-b148-462d-8284-94ec0745b3b4","Version":"9.1.0.993","OsVersion":"Microsoft Windows 10 Pro","OsBit":"64","PartnerID":"FZ210427","CampaignID":"","LanguageIso2":"en
                                                  Jul 22, 2024 12:53:27.381828070 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:53:27 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e3156c619e1a-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0
                                                  Jul 22, 2024 12:53:27.391299963 CEST162OUTPOST /v1/event-stat-wc?Type=ProgressInstall&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 465
                                                  Jul 22, 2024 12:53:27.396464109 CEST465OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 4d 61 63 68 69 6e 65 49 64 22 3a 22 66 64 64 34 32 65 65 31 2d 38 38 65 39 2d 33 31 34 33 2d 37 66 34 66 2d 62 65 32 63 30 39 36 31 31 36 39 38 22 2c 22 49 6e 73 74 61 6c 6c 49 64 22 3a 22 62 38 65 31 64 30 62 30
                                                  Data Ascii: {"Data": {"MachineId":"fdd42ee1-88e9-3143-7f4f-be2c09611698","InstallId":"b8e1d0b0-b148-462d-8284-94ec0745b3b4","Version":"9.1.0.993","OsVersion":"Microsoft Windows 10 Pro","OsBit":"64","PartnerID":"FZ210427","CampaignID":"","LanguageIso2":nul
                                                  Jul 22, 2024 12:53:27.558337927 CEST524INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:53:27 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e3168ce29e1a-EWR
                                                  Data Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}0


                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                  15192.168.2.849769104.19.159.22480
                                                  TimestampBytes transferredDirectionData
                                                  Jul 22, 2024 12:53:27.394160986 CEST113OUTGET /notifications/download/rt/ActiveFeatures.zip HTTP/1.1
                                                  Host: rt.webcompanion.com
                                                  Connection: Keep-Alive
                                                  Jul 22, 2024 12:53:27.863941908 CEST1236INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:53:27 GMT
                                                  Content-Type: application/zip
                                                  Content-Length: 17770
                                                  Connection: keep-alive
                                                  ETag: "1817264281"
                                                  Last-Modified: Mon, 17 Jun 2024 14:26:00 GMT
                                                  CF-Cache-Status: HIT
                                                  Age: 336
                                                  Expires: Mon, 22 Jul 2024 14:53:27 GMT
                                                  Cache-Control: public, max-age=14400
                                                  Accept-Ranges: bytes
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e318cd1342d0-EWR
                                                  Data Raw: 50 4b 03 04 14 00 01 00 08 00 3a 3d 41 58 37 5c 92 30 c0 44 00 00 72 cc 04 00 12 00 00 00 41 63 74 69 76 65 46 65 61 74 75 72 65 73 2e 74 78 74 a0 9b 2b 93 83 40 fc 73 6a 70 bb 23 a6 14 85 19 db 7f 9e 92 13 c4 c9 4b 31 fb 85 fc 04 d8 12 02 3b 04 ac 2f 2d a7 ef 1b ac a6 c7 02 06 b4 5b a6 5b 13 0e 41 d0 84 42 9e c4 12 82 c4 65 78 71 e8 aa bd c0 29 37 0e 92 20 37 3a 5e 80 b9 ea 89 67 13 4b 20 f3 b5 94 21 69 16 62 55 a7 56 c8 73 d6 98 fb 8e 87 4f 24 76 37 7c 65 5c b2 1b 8e b9 80 ec 57 ff e0 e4 27 f3 f8 a6 5a fd 64 76 65 55 2a 6f f6 52 a0 08 3e a0 25 15 8b a9 77 8c c3 ec 24 f2 2d 3b af 9d 9b 51 9b 18 ac bc 34 19 54 96 8c 06 fa 06 ee c4 66 24 01 2b 54 a6 24 df 26 9d 51 3f 39 c3 e6 99 06 23 22 f6 36 3e fd a1 dd d3 fd e7 0c c4 ee 30 c1 10 eb 15 6f 83 40 da df 9f 6a f9 28 cc 2a 69 29 08 48 22 1d 42 8d 0c 31 60 e4 3d a8 cd 26 30 96 ac 49 38 43 c3 52 9f a5 ce 22 79 e3 be 0a 9e 01 63 4d 37 97 67 e4 fb 80 e3 09 fa be ab d9 9e 5c 40 05 91 01 0d 38 db e2 06 78 94 45 0d 03 34 8b 82 1d 53 dc 7c 49 81 9f 81 18 1d 79 [TRUNCATED]
                                                  Data Ascii: PK:=AX7\0DrActiveFeatures.txt+@sjp#K1;/-[[ABexq)7 7:^gK !ibUVsO$v7|e\W'ZdveU*oR>%w$-;Q4Tf$+T$&Q?9#"6>0o@j(*i)H"B1`=&0I8CR"ycM7g\@8xE4S|Iyy7~%W?7!JhrfdB^OQ"IDG!o+^6VY6<wNNPP2\?EY^j>i[p`L_sXq>#~nY>LO9rsAS+g5FBiqgUf{*vBUBqTpKF;/[&WIAPuS-&v3!Y'bMl{[:5sVL3om7'O4'(V#:\#VOO&<s}Yd|<P@jM%O5lHs^SYfaCDDwVcE8~cETL0YIEd@._PQ~w\fAT7Kiywq|+#]N">(A0bU-lDM#ETYa-h}ep<)
                                                  Jul 22, 2024 12:53:27.864063978 CEST1236INData Raw: 2c c3 e9 0b b5 94 79 f6 cd ab db ef 95 d6 d1 32 bc 03 27 b0 a7 67 bb 67 5c 5f 47 4a 97 f1 f7 fc 80 a5 3d 5e cb d2 21 fd 16 4d f6 ed 94 f2 d0 41 ec b6 8d 9b cb af 44 4b 5e 3f 92 fc ae 08 db 64 a5 1d 86 78 29 a2 a9 c5 2d c1 7a 36 38 e0 81 84 1a 34
                                                  Data Ascii: ,y2'gg\_GJ=^!MADK^?dx)-z684R|YSgynUf1qbEFO?'[a`bF\rsZL0q\vgrP:ZbPw^l^|Vov^'D0\mJh*I{X14
                                                  Jul 22, 2024 12:53:27.864099026 CEST448INData Raw: a8 e3 09 b7 93 e7 ef 55 87 a5 e2 4a 0e 55 3c 50 4f 28 65 ca 9a de 34 88 d5 59 ab cd 64 54 2a 94 93 b6 b8 c7 f1 34 a6 fe 9a 9e 58 e1 5b 68 04 08 88 1d 07 7a 22 8c f4 8b 1a 37 f4 2d 18 02 f7 c9 7a e3 8d 30 e6 e5 c6 72 4a b5 33 12 97 f2 9b 9f 3d 2b
                                                  Data Ascii: UJU<PO(e4YdT*4X[hz"7-z0rJ3=+I:QrVjeAU|0e r.-nFs%U@_G~W}E^ns]W6.Jg4)Kk~9"4{i#W}_&L'HNO
                                                  Jul 22, 2024 12:53:27.864367008 CEST1236INData Raw: b0 c5 77 46 38 ef fa 01 cd 9b ea 71 97 9b 3b 18 32 16 9a 2e 50 1c 4c 1d 5b 1d 8d 18 bf 63 ed 90 f2 14 fb 9e 5c fc 96 c0 bd 03 46 78 99 99 29 13 42 50 a5 ca cf 1a f7 72 13 d7 60 42 a4 f0 f7 80 f0 d3 51 71 55 1a 83 2d 94 b6 34 c8 8e 41 1b cd 5b ce
                                                  Data Ascii: wF8q;2.PL[c\Fx)BPr`BQqU-4A[.M|@up*_}L7[Re='\'e@(<MI@q`g$^cnGW`?5jn|SjbRyS=<.9SVE@`oso&o%sPD;z'uE) dU1
                                                  Jul 22, 2024 12:53:27.864399910 CEST1236INData Raw: 08 70 c3 3a c0 db df 28 89 db 04 36 a6 c7 a6 e5 ef a7 02 b0 40 49 26 cd e0 bc be 3a cc a3 bd 08 b3 12 21 14 30 84 2f 8c 18 41 ed 95 5f 59 d4 3c 34 7c 0b af 36 20 a8 4a 98 b8 d8 e9 4e 93 10 b8 82 70 d8 7b 8a 33 aa ea 62 b9 81 f5 c3 cd e1 b3 0c 6f
                                                  Data Ascii: p:(6@I&:!0/A_Y<4|6 JNp{3boB8wkcKeW^N6y%L-xg\B'BY_ Er<rJ>xEu^akk9OiCpm(Z0;8S:,0#3G*S0WDqQ_@//X6_&+
                                                  Jul 22, 2024 12:53:27.864434958 CEST1236INData Raw: a4 85 0d c7 4f ef 1a 73 f2 8a cc 9b 1e 62 ee 85 89 82 82 ee 8f cc 34 01 13 1b 8b 82 13 09 56 bf ef ea 28 7c 71 3e 6e a9 3a 6f 08 b8 db bd 20 a5 0d 2f 6f 6a 36 15 85 03 4c f0 a7 47 e9 c7 81 d1 54 69 10 9c a6 76 ad a0 a4 40 7c 6c f1 e9 16 f6 52 37
                                                  Data Ascii: Osb4V(|q>n:o /oj6LGTiv@|lR7(>N(th19t.vcjEqlZ"Q=4c9Qi#DrJQhH=5w0jC&k)d@smPg0%?U jQL%
                                                  Jul 22, 2024 12:53:27.864504099 CEST1236INData Raw: ff a2 87 6e df 0b 56 1a e6 94 9a 00 1c 13 d4 5e ba 81 49 63 cd ca 6d da ba 0e 29 fd 5b c4 f4 52 a5 78 d3 76 1e 43 c5 7f 49 f4 2d f3 56 36 85 02 fb 37 29 0e ce 7b 44 3b a4 24 2d 7f a2 bf 5b 10 7b fd 49 b6 73 0b cf 33 3a ba d0 a3 b1 c0 d8 b0 8a ce
                                                  Data Ascii: nV^Icm)[RxvCI-V67){D;$-[{Is3:f72/l$L#Dg4Vjg^e4%?b2:$=;Hs?JG%Ll"{mMVxI:bx<)@2kbN:5f2B.@L_"Bg
                                                  Jul 22, 2024 12:53:27.865191936 CEST1236INData Raw: b4 18 63 9a de 70 1f af eb cb 2f b1 86 5d b9 28 ac 06 79 01 94 af 84 58 80 7c ab d8 8e ff f1 72 c2 7a 37 bb 00 32 a6 f0 55 44 7b c0 2e 63 50 92 c7 10 24 fc 30 82 64 ce bd 29 63 0d d5 34 e7 1b 14 5f 14 22 74 2f f1 6b 64 0c ac 07 19 b6 8b f0 ac bc
                                                  Data Ascii: cp/](yX|rz72UD{.cP$0d)c4_"t/kdQ_c=jeN.TDp%<n@Em7k@Y_6EqhbMWsf"&8ZUlS:=}H`tApb#Ey_tI%,Qpi750GukrDe
                                                  Jul 22, 2024 12:53:27.865226030 CEST552INData Raw: 82 d7 f0 7e e6 72 ef 9d 68 a9 74 9b bf ea 15 17 70 cf 36 37 2c 12 83 cf 60 53 c0 69 f2 8a 78 79 79 12 f6 3f 7f 86 ef 13 f6 f9 ad c3 47 a4 5f 17 2a 64 1a 16 5a be c7 e9 7f 41 c0 97 85 21 44 94 55 4c 18 af 11 94 ca 2a ea bd a9 26 97 ab bb b3 bb 7d
                                                  Data Ascii: ~rhtp67,`Sixyy?G_*dZA!DUL*&}:d&MQ3 iM5fny{b3FVmBzl;q-qk!bE?]QneV`7gwX"ln^bCp">GM&=zv>Vl
                                                  Jul 22, 2024 12:53:27.865259886 CEST1236INData Raw: b8 3b 36 95 94 b1 e3 15 18 81 00 e5 5d f9 17 a0 2e c7 b5 5f 23 f8 69 fc 1a 64 a4 46 a0 ea ec f5 20 91 42 cf 9b 3b 85 9a ff a3 bc de 15 ac 7d 2b 81 44 88 be b9 8d 49 cb ea 4b 95 76 8b 3d c3 ad 7b 6b 35 b7 47 a3 8f 37 3e 55 9c ff d2 ed b2 50 67 a2
                                                  Data Ascii: ;6]._#idF B;}+DIKv={k5G7>UPg-`N(w4!*@1?3@$Ji._r?aa_UIcAy;(i@/0\U<$U@r-43y15A-fS!7 j_x
                                                  Jul 22, 2024 12:53:27.869517088 CEST1236INData Raw: 90 d2 1a 02 04 b2 9c 82 c2 e1 92 ec 5e 6f bc 80 83 d5 ae 7d c0 03 ce 72 1c 7b 34 39 f1 14 bc 38 d4 51 60 89 eb b1 4a e8 ec 4e a3 c6 89 3c f9 b7 0c 2c 52 09 87 0b 2a c8 6a da 65 37 87 9f ef 1a 1d 13 49 6a b0 d4 90 82 ea 1d db 2b 7b 62 91 d4 5a b9
                                                  Data Ascii: ^o}r{498Q`JN<,R*je7Ij+{bZwziN}jN\qEcC\Esonti<Yc9UN'TAzS[99;:@yX2aHVC0(%'6k^"p,
                                                  Jul 22, 2024 12:53:28.081218958 CEST89OUTGET /notifications/download/rt/ActiveFeatures.zip HTTP/1.1
                                                  Host: rt.webcompanion.com
                                                  Jul 22, 2024 12:53:28.183582067 CEST1236INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:53:28 GMT
                                                  Content-Type: application/zip
                                                  Content-Length: 17770
                                                  Connection: keep-alive
                                                  ETag: "1817264281"
                                                  Last-Modified: Mon, 17 Jun 2024 14:26:00 GMT
                                                  CF-Cache-Status: HIT
                                                  Age: 337
                                                  Expires: Mon, 22 Jul 2024 14:53:28 GMT
                                                  Cache-Control: public, max-age=14400
                                                  Accept-Ranges: bytes
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e31adeed42d0-EWR
                                                  Data Raw: 50 4b 03 04 14 00 01 00 08 00 3a 3d 41 58 37 5c 92 30 c0 44 00 00 72 cc 04 00 12 00 00 00 41 63 74 69 76 65 46 65 61 74 75 72 65 73 2e 74 78 74 a0 9b 2b 93 83 40 fc 73 6a 70 bb 23 a6 14 85 19 db 7f 9e 92 13 c4 c9 4b 31 fb 85 fc 04 d8 12 02 3b 04 ac 2f 2d a7 ef 1b ac a6 c7 02 06 b4 5b a6 5b 13 0e 41 d0 84 42 9e c4 12 82 c4 65 78 71 e8 aa bd c0 29 37 0e 92 20 37 3a 5e 80 b9 ea 89 67 13 4b 20 f3 b5 94 21 69 16 62 55 a7 56 c8 73 d6 98 fb 8e 87 4f 24 76 37 7c 65 5c b2 1b 8e b9 80 ec 57 ff e0 e4 27 f3 f8 a6 5a fd 64 76 65 55 2a 6f f6 52 a0 08 3e a0 25 15 8b a9 77 8c c3 ec 24 f2 2d 3b af 9d 9b 51 9b 18 ac bc 34 19 54 96 8c 06 fa 06 ee c4 66 24 01 2b 54 a6 24 df 26 9d 51 3f 39 c3 e6 99 06 23 22 f6 36 3e fd a1 dd d3 fd e7 0c c4 ee 30 c1 10 eb 15 6f 83 40 da df 9f 6a f9 28 cc 2a 69 29 08 48 22 1d 42 8d 0c 31 60 e4 3d a8 cd 26 30 96 ac 49 38 43 c3 52 9f a5 ce 22 79 e3 be 0a 9e 01 63 4d 37 97 67 e4 fb 80 e3 09 fa be ab d9 9e 5c 40 05 91 01 0d 38 db e2 06 78 94 45 0d 03 34 8b 82 1d 53 dc 7c 49 81 9f 81 18 1d 79 [TRUNCATED]
                                                  Data Ascii: PK:=AX7\0DrActiveFeatures.txt+@sjp#K1;/-[[ABexq)7 7:^gK !ibUVsO$v7|e\W'ZdveU*oR>%w$-;Q4Tf$+T$&Q?9#"6>0o@j(*i)H"B1`=&0I8CR"ycM7g\@8xE4S|Iyy7~%W?7!JhrfdB^OQ"IDG!o+^6VY6<wNNPP2\?EY^j>i[p`L_sXq>#~nY>LO9rsAS+g5FBiqgUf{*vBUBqTpKF;/[&WIAPuS-&v3!Y'bMl{[:5sVL3om7'O4'(V#:\#VOO&<s}Yd|<P@jM%O5lHs^SYfaCDDwVcE8~cETL0YIEd@._PQ~w\fAT7Kiywq|+#]N">(A0bU-lDM#ETYa-h}ep<)


                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                  16192.168.2.84977264.18.87.8280
                                                  TimestampBytes transferredDirectionData
                                                  Jul 22, 2024 12:53:30.553590059 CEST208OUTPOST /components.asmx HTTP/1.1
                                                  Content-Type: text/xml; charset=utf-8
                                                  SOAPAction: "http://tempuri.org/GetComponentsInfo"
                                                  Host: wc-update-service.lavasoft.com
                                                  Content-Length: 342
                                                  Connection: Keep-Alive
                                                  Jul 22, 2024 12:53:30.553631067 CEST342OUTData Raw: 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 3a 42 6f 64 79 20 78 6d 6c 6e 73 3a 78 73 69 3d
                                                  Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><GetComponentsInfo xmlns="http://tempuri.org/"><request><Platform>prod</
                                                  Jul 22, 2024 12:53:31.039815903 CEST1236INHTTP/1.1 200 OK
                                                  Server: nginx
                                                  Date: Mon, 22 Jul 2024 10:53:30 GMT
                                                  Content-Type: text/xml; charset=utf-8
                                                  Content-Length: 1461
                                                  Connection: keep-alive
                                                  Cache-Control: private, max-age=0
                                                  X-AspNet-Version: 4.0.30319
                                                  X-Powered-By: ASP.NET
                                                  Access-Control-Allow-Origin: http://webcompanion.com
                                                  Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 6f 61 70 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 78 6d 6c 6e 73 3a 78 73 69 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 2d 69 6e 73 74 61 6e 63 65 22 20 78 6d 6c 6e 73 3a 78 73 64 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 22 3e 3c 73 6f 61 70 3a 42 6f 64 79 3e 3c 47 65 74 43 6f 6d 70 6f 6e 65 6e 74 73 49 6e 66 6f 52 65 73 70 6f 6e 73 65 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 74 65 6d 70 75 72 69 2e 6f 72 67 2f 22 3e 3c 47 65 74 43 6f 6d 70 6f 6e 65 6e 74 73 49 6e 66 6f 52 65 73 75 6c 74 3e 3c 43 6f 6d 70 6f 6e 65 6e 74 73 3e 3c 43 6f 6d 70 6f 6e 65 6e 74 49 6e 66 6f 52 65 73 70 6f 6e 73 65 3e 3c 4e 61 6d 65 [TRUNCATED]
                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body><GetComponentsInfoResponse xmlns="http://tempuri.org/"><GetComponentsInfoResult><Components><ComponentInfoResponse><Name>installer</Name><Version>9.1.0.993</Version><DownloadUrl>http://wcdownloadercdn.lavasoft.com/9.1.0.993/Installer.exe</DownloadUrl></ComponentInfoResponse><ComponentInfoResponse><Name>application</Name><Version>2.1.1117.2317</Version><DownloadUrl>http://wcdownloadercdn.lavasoft.com/9.1.0.993/Installer.msi</DownloadUrl></ComponentInfoResponse><ComponentInfoResponse><Name>tcpservice</Name><Version>2.3.4.7</Version><DownloadUrl>http://wcdownloadercdn.lavasoft.com/9.1.0.993/TcpService.msi</DownloadUrl></ComponentInfoResponse><ComponentInfoResponse><Name>42f00399-529e-4915-83ce-5b4c18049fc8</Name><V
                                                  Jul 22, 2024 12:53:31.039870977 CEST522INData Raw: 65 72 73 69 6f 6e 3e 39 2e 31 2e 30 2e 39 39 33 3c 2f 56 65 72 73 69 6f 6e 3e 3c 44 6f 77 6e 6c 6f 61 64 55 72 6c 3e 68 74 74 70 3a 2f 2f 77 63 64 6f 77 6e 6c 6f 61 64 65 72 63 64 6e 2e 6c 61 76 61 73 6f 66 74 2e 63 6f 6d 2f 39 2e 31 2e 30 2e 39
                                                  Data Ascii: ersion>9.1.0.993</Version><DownloadUrl>http://wcdownloadercdn.lavasoft.com/9.1.0.993/WcInstaller.exe</DownloadUrl></ComponentInfoResponse><ComponentInfoResponse><Name>webcompanion</Name><Version>9.1.0.993</Version><DownloadUrl>http://wcdownloa


                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                  17192.168.2.849773104.19.159.22480
                                                  TimestampBytes transferredDirectionData
                                                  Jul 22, 2024 12:53:31.142394066 CEST106OUTGET /version_logs?json=true&version=9.1.0.993 HTTP/1.1
                                                  Host: webcompanion.com
                                                  Connection: Keep-Alive
                                                  Jul 22, 2024 12:53:31.657177925 CEST629INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:53:31 GMT
                                                  Content-Type: text/html; charset=UTF-8
                                                  Transfer-Encoding: chunked
                                                  Connection: keep-alive
                                                  X-Powered-By: PHP/7.2.34
                                                  Vary: Accept-Encoding
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e3304c8641c1-EWR
                                                  Data Raw: 31 35 38 0d 0a 3c 62 72 20 2f 3e 0a 3c 62 3e 57 61 72 6e 69 6e 67 3c 2f 62 3e 3a 20 20 63 6f 75 6e 74 28 29 3a 20 50 61 72 61 6d 65 74 65 72 20 6d 75 73 74 20 62 65 20 61 6e 20 61 72 72 61 79 20 6f 72 20 61 6e 20 6f 62 6a 65 63 74 20 74 68 61 74 20 69 6d 70 6c 65 6d 65 6e 74 73 20 43 6f 75 6e 74 61 62 6c 65 20 69 6e 20 3c 62 3e 2f 76 61 72 2f 77 77 77 2f 68 74 6d 6c 2f 69 6e 63 6c 75 64 65 73 2f 66 75 6e 63 74 69 6f 6e 73 2e 70 68 70 3c 2f 62 3e 20 6f 6e 20 6c 69 6e 65 20 3c 62 3e 39 31 3c 2f 62 3e 3c 62 72 20 2f 3e 0a 3c 62 72 20 2f 3e 0a 3c 62 3e 57 61 72 6e 69 6e 67 3c 2f 62 3e 3a 20 20 63 6f 75 6e 74 28 29 3a 20 50 61 72 61 6d 65 74 65 72 20 6d 75 73 74 20 62 65 20 61 6e 20 61 72 72 61 79 20 6f 72 20 61 6e 20 6f 62 6a 65 63 74 20 74 68 61 74 20 69 6d 70 6c 65 6d 65 6e 74 73 20 43 6f 75 6e 74 61 62 6c 65 20 69 6e 20 3c 62 3e 2f 76 61 72 2f 77 77 77 2f 68 74 6d 6c 2f 69 6e 63 6c 75 64 65 73 2f 66 75 6e 63 74 69 6f 6e 73 2e 70 68 70 3c 2f 62 3e 20 6f 6e 20 6c 69 6e 65 20 3c 62 3e 39 38 3c 2f 62 3e [TRUNCATED]
                                                  Data Ascii: 158<br /><b>Warning</b>: count(): Parameter must be an array or an object that implements Countable in <b>/var/www/html/includes/functions.php</b> on line <b>91</b><br /><br /><b>Warning</b>: count(): Parameter must be an array or an object that implements Countable in <b>/var/www/html/includes/functions.php</b> on line <b>98</b><br />null0


                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                  18192.168.2.849774104.19.159.22480
                                                  TimestampBytes transferredDirectionData
                                                  Jul 22, 2024 12:53:33.334543943 CEST113OUTGET /notifications/download/rt/ActiveFeatures.zip HTTP/1.1
                                                  Host: rt.webcompanion.com
                                                  Connection: Keep-Alive
                                                  Jul 22, 2024 12:53:34.476969004 CEST1236INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:53:34 GMT
                                                  Content-Type: application/zip
                                                  Content-Length: 17770
                                                  Connection: keep-alive
                                                  ETag: "1817264281"
                                                  Last-Modified: Mon, 17 Jun 2024 14:26:00 GMT
                                                  CF-Cache-Status: HIT
                                                  Age: 343
                                                  Expires: Mon, 22 Jul 2024 14:53:34 GMT
                                                  Cache-Control: public, max-age=14400
                                                  Accept-Ranges: bytes
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e3421fd0439a-EWR
                                                  Data Raw: 50 4b 03 04 14 00 01 00 08 00 3a 3d 41 58 37 5c 92 30 c0 44 00 00 72 cc 04 00 12 00 00 00 41 63 74 69 76 65 46 65 61 74 75 72 65 73 2e 74 78 74 a0 9b 2b 93 83 40 fc 73 6a 70 bb 23 a6 14 85 19 db 7f 9e 92 13 c4 c9 4b 31 fb 85 fc 04 d8 12 02 3b 04 ac 2f 2d a7 ef 1b ac a6 c7 02 06 b4 5b a6 5b 13 0e 41 d0 84 42 9e c4 12 82 c4 65 78 71 e8 aa bd c0 29 37 0e 92 20 37 3a 5e 80 b9 ea 89 67 13 4b 20 f3 b5 94 21 69 16 62 55 a7 56 c8 73 d6 98 fb 8e 87 4f 24 76 37 7c 65 5c b2 1b 8e b9 80 ec 57 ff e0 e4 27 f3 f8 a6 5a fd 64 76 65 55 2a 6f f6 52 a0 08 3e a0 25 15 8b a9 77 8c c3 ec 24 f2 2d 3b af 9d 9b 51 9b 18 ac bc 34 19 54 96 8c 06 fa 06 ee c4 66 24 01 2b 54 a6 24 df 26 9d 51 3f 39 c3 e6 99 06 23 22 f6 36 3e fd a1 dd d3 fd e7 0c c4 ee 30 c1 10 eb 15 6f 83 40 da df 9f 6a f9 28 cc 2a 69 29 08 48 22 1d 42 8d 0c 31 60 e4 3d a8 cd 26 30 96 ac 49 38 43 c3 52 9f a5 ce 22 79 e3 be 0a 9e 01 63 4d 37 97 67 e4 fb 80 e3 09 fa be ab d9 9e 5c 40 05 91 01 0d 38 db e2 06 78 94 45 0d 03 34 8b 82 1d 53 dc 7c 49 81 9f 81 18 1d 79 [TRUNCATED]
                                                  Data Ascii: PK:=AX7\0DrActiveFeatures.txt+@sjp#K1;/-[[ABexq)7 7:^gK !ibUVsO$v7|e\W'ZdveU*oR>%w$-;Q4Tf$+T$&Q?9#"6>0o@j(*i)H"B1`=&0I8CR"ycM7g\@8xE4S|Iyy7~%W?7!JhrfdB^OQ"IDG!o+^6VY6<wNNPP2\?EY^j>i[p`L_sXq>#~nY>LO9rsAS+g5FBiqgUf{*vBUBqTpKF;/[&WIAPuS-&v3!Y'bMl{[:5sVL3om7'O4'(V#:\#VOO&<s}Yd|<P@jM%O5lHs^SYfaCDDwVcE8~cETL0YIEd@._PQ~w\fAT7Kiywq|+#]N">(A0bU-lDM#ETYa-h}ep<)
                                                  Jul 22, 2024 12:53:34.476984024 CEST1236INData Raw: 2c c3 e9 0b b5 94 79 f6 cd ab db ef 95 d6 d1 32 bc 03 27 b0 a7 67 bb 67 5c 5f 47 4a 97 f1 f7 fc 80 a5 3d 5e cb d2 21 fd 16 4d f6 ed 94 f2 d0 41 ec b6 8d 9b cb af 44 4b 5e 3f 92 fc ae 08 db 64 a5 1d 86 78 29 a2 a9 c5 2d c1 7a 36 38 e0 81 84 1a 34
                                                  Data Ascii: ,y2'gg\_GJ=^!MADK^?dx)-z684R|YSgynUf1qbEFO?'[a`bF\rsZL0q\vgrP:ZbPw^l^|Vov^'D0\mJh*I{X14
                                                  Jul 22, 2024 12:53:34.476994991 CEST1236INData Raw: a8 e3 09 b7 93 e7 ef 55 87 a5 e2 4a 0e 55 3c 50 4f 28 65 ca 9a de 34 88 d5 59 ab cd 64 54 2a 94 93 b6 b8 c7 f1 34 a6 fe 9a 9e 58 e1 5b 68 04 08 88 1d 07 7a 22 8c f4 8b 1a 37 f4 2d 18 02 f7 c9 7a e3 8d 30 e6 e5 c6 72 4a b5 33 12 97 f2 9b 9f 3d 2b
                                                  Data Ascii: UJU<PO(e4YdT*4X[hz"7-z0rJ3=+I:QrVjeAU|0e r.-nFs%U@_G~W}E^ns]W6.Jg4)Kk~9"4{i#W}_&L'HNO
                                                  Jul 22, 2024 12:53:34.477464914 CEST672INData Raw: 48 a2 40 45 ad 3e 10 cc d4 22 b8 18 aa b5 83 15 5b 5f 79 62 da f6 64 de 89 40 91 c6 e3 e6 3c 48 f6 f2 37 d0 b4 a2 87 ed 8b 72 11 f9 fa 1d 84 ca dd 63 7c e6 56 65 74 e8 c3 ce 0a 52 78 3d f5 2c 69 ad 82 46 5f 21 19 b5 ed d3 bf 7e 98 76 8d 6a 94 b7
                                                  Data Ascii: H@E>"[_ybd@<H7rc|VetRx=,iF_!~vj5s,yL/[g{QosVz%{A|PSeC)PYzSZ/]E?kINr|Pg!\2-;@&Lb<ma
                                                  Jul 22, 2024 12:53:34.477533102 CEST1236INData Raw: 51 1f 5f 95 40 e0 2f 2f b3 58 36 a8 5f 26 2b c1 d7 d8 86 95 ec 9b 23 f0 6b a3 48 55 63 47 ab 98 a2 7c a9 9d 44 46 9a cb 72 d4 ab 80 27 62 e2 20 b8 23 fe ab f6 c3 e1 79 ff 0e d6 3c ae d6 7b e4 a2 37 6f 8b fd 67 76 72 8f 8e e1 72 fa 02 77 a5 81 f5
                                                  Data Ascii: Q_@//X6_&+#kHUcG|DFr'b #y<{7ogvrrwq&PsTo=D8?^7(Xg@1~;sJa\o%PX=$cvb7fS:."$qC!QFmfWCW#H]WNsiz %Na
                                                  Jul 22, 2024 12:53:34.477543116 CEST1236INData Raw: b0 67 d8 a1 30 25 3f 02 55 01 20 6a 51 4c 25 98 eb 97 f9 7e 66 ee d7 b1 f9 f9 c8 52 7e e9 cc 8c e0 85 81 9e 75 92 0d 4f 55 71 18 6b 3b 1f c1 38 42 6b c9 86 6d cb de b0 bc b5 62 17 da 81 40 69 af 0f ae 34 73 51 45 5a 4f 43 9b dc 83 af 7b a1 89 68
                                                  Data Ascii: g0%?U jQL%~fR~uOUqk;8Bkmb@i4sQEZOC{h'VuuDyznvDn(&J;Px=Uc05;VT7!X<lA"}#&7qB(m5-r#N)4z7Axi)8
                                                  Jul 22, 2024 12:53:34.477552891 CEST1236INData Raw: 40 4c 5f 22 a6 8e 97 9a b0 ae 42 00 ee 93 fe be c4 67 bd a1 03 61 4e 84 cb a0 67 6a e2 91 dc 77 40 da 04 53 1c 7e 5e 16 ac 6c 1f ad 21 43 29 ae 3c b5 6d 41 17 ce 99 37 75 7e 83 67 64 da 98 5f 52 48 92 39 2f a2 7b 79 5a a9 1c 84 29 a1 75 fe 35 2d
                                                  Data Ascii: @L_"BgaNgjw@S~^l!C)<mA7u~gd_RH9/{yZ)u5-U|1.rwx#x{LOmV>y)YT+h"j^mf}xmk{KE[.ntTv#odHsfIu4@/=i ,Dm4%,],>A3
                                                  Jul 22, 2024 12:53:34.477562904 CEST1236INData Raw: a4 75 6b 9d 8e 72 bf 44 65 cd 9c 9a 81 c2 f5 91 b3 95 bd 7b f5 9b de 51 be c3 87 77 77 67 95 16 8e 08 8e 1a 8e 6e c8 38 25 3e bd 63 08 bf 5a 34 ee d4 84 0d 42 59 77 2e 68 0a cb 58 92 56 1e 99 7e 84 53 66 25 79 5a d7 07 7c 54 81 63 e7 ae b9 a1 c5
                                                  Data Ascii: ukrDe{Qwwgn8%>cZ4BYw.hXV~Sf%yZ|Tc&=0q5WKl\<U9$DW`+R ]m-68j5a.|sOB~1zc[ugQ>Tv~Fa&<pX caENsE0aUC3WE4
                                                  Jul 22, 2024 12:53:34.477709055 CEST1236INData Raw: 90 f9 3e cc a5 15 56 a3 fe af c3 ae f4 bf 6c 0a 0a b9 c0 08 ad a0 b3 98 77 db d1 2a a8 8c 8b 5c 92 11 d5 ff b8 b8 3d fa 21 dd 30 57 52 0f 90 76 97 46 49 f3 b0 f5 1b b1 d7 21 08 dd d8 77 eb 88 74 07 5c 0f f6 4f 41 ea 5c 09 37 2b b0 f3 16 f6 1c 9c
                                                  Data Ascii: >Vlw*\=!0WRvFI!wt\OA\7+y;#+KsF14:FD[Re e#Hd5I.*p{o.H'*|a2iZ.Yp?X=[I\V~^{z7F: G5C*w 0sB
                                                  Jul 22, 2024 12:53:34.477720022 CEST1236INData Raw: 1e b1 86 60 62 c7 ed 7f be af 7b 96 5f 3d 9d 9d 0b 56 26 89 40 3d 3d 97 72 1b ff ea ff 35 46 a1 b9 be f8 fb 17 02 f9 23 5a 8c 2f 75 73 1d 7f e5 15 20 69 d1 52 03 6b f3 fa 6b 65 c5 b8 c6 cd 06 e9 35 8a c7 49 1e 7f 22 66 29 5b 8c 7b b9 3b fa e7 df
                                                  Data Ascii: `b{_=V&@==r5F#Z/us iRkke5I"f)[{;5j0F7$v4Jo4c+;J|#0,N9Mu'l^DF+iL4\WB>To*+hiZa;;-c.T12=ZLXZbdBNRy
                                                  Jul 22, 2024 12:53:34.482265949 CEST1236INData Raw: e9 f9 49 6f 29 45 36 42 64 47 c0 f6 2b 3b 0d 4e 0b 0c 4f 75 f7 e1 a9 d9 62 7e b0 9e a9 0d 23 ac 38 b6 3e 0a 62 8b 00 d4 53 2a a0 b4 00 65 cd d9 c4 7d d3 d0 be 79 36 da 1f 52 38 aa 3e 71 45 bc 26 08 37 85 56 e2 ac 04 06 4f 33 f9 f7 c0 c6 d0 a7 69
                                                  Data Ascii: Io)E6BdG+;NOub~#8>bS*e}y6R8>qE&7VO3iGxK'~V~GP)s&KicA]YbA`>Y<xCbDs-H:J0S+9y h8.7BmJPl/T5(^,Ke}g#:zEf


                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                  19192.168.2.84977864.18.87.8280
                                                  TimestampBytes transferredDirectionData
                                                  Jul 22, 2024 12:53:34.249350071 CEST208OUTPOST /components.asmx HTTP/1.1
                                                  Content-Type: text/xml; charset=utf-8
                                                  SOAPAction: "http://tempuri.org/GetComponentsInfo"
                                                  Host: wc-update-service.lavasoft.com
                                                  Content-Length: 342
                                                  Connection: Keep-Alive
                                                  Jul 22, 2024 12:53:34.249394894 CEST342OUTData Raw: 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 3a 42 6f 64 79 20 78 6d 6c 6e 73 3a 78 73 69 3d
                                                  Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><GetComponentsInfo xmlns="http://tempuri.org/"><request><Platform>prod</
                                                  Jul 22, 2024 12:53:34.738436937 CEST1236INHTTP/1.1 200 OK
                                                  Server: nginx
                                                  Date: Mon, 22 Jul 2024 10:53:34 GMT
                                                  Content-Type: text/xml; charset=utf-8
                                                  Content-Length: 1461
                                                  Connection: keep-alive
                                                  Cache-Control: private, max-age=0
                                                  X-AspNet-Version: 4.0.30319
                                                  X-Powered-By: ASP.NET
                                                  Access-Control-Allow-Origin: http://webcompanion.com
                                                  Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 3c 73 6f 61 70 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 6f 61 70 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 78 6d 6c 6e 73 3a 78 73 69 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 2d 69 6e 73 74 61 6e 63 65 22 20 78 6d 6c 6e 73 3a 78 73 64 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 22 3e 3c 73 6f 61 70 3a 42 6f 64 79 3e 3c 47 65 74 43 6f 6d 70 6f 6e 65 6e 74 73 49 6e 66 6f 52 65 73 70 6f 6e 73 65 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 74 65 6d 70 75 72 69 2e 6f 72 67 2f 22 3e 3c 47 65 74 43 6f 6d 70 6f 6e 65 6e 74 73 49 6e 66 6f 52 65 73 75 6c 74 3e 3c 43 6f 6d 70 6f 6e 65 6e 74 73 3e 3c 43 6f 6d 70 6f 6e 65 6e 74 49 6e 66 6f 52 65 73 70 6f 6e 73 65 3e 3c 4e 61 6d 65 [TRUNCATED]
                                                  Data Ascii: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body><GetComponentsInfoResponse xmlns="http://tempuri.org/"><GetComponentsInfoResult><Components><ComponentInfoResponse><Name>installer</Name><Version>9.1.0.993</Version><DownloadUrl>http://wcdownloadercdn.lavasoft.com/9.1.0.993/Installer.exe</DownloadUrl></ComponentInfoResponse><ComponentInfoResponse><Name>application</Name><Version>2.1.1117.2317</Version><DownloadUrl>http://wcdownloadercdn.lavasoft.com/9.1.0.993/Installer.msi</DownloadUrl></ComponentInfoResponse><ComponentInfoResponse><Name>tcpservice</Name><Version>2.3.4.7</Version><DownloadUrl>http://wcdownloadercdn.lavasoft.com/9.1.0.993/TcpService.msi</DownloadUrl></ComponentInfoResponse><ComponentInfoResponse><Name>42f00399-529e-4915-83ce-5b4c18049fc8</Name><V
                                                  Jul 22, 2024 12:53:34.738805056 CEST522INData Raw: 65 72 73 69 6f 6e 3e 39 2e 31 2e 30 2e 39 39 33 3c 2f 56 65 72 73 69 6f 6e 3e 3c 44 6f 77 6e 6c 6f 61 64 55 72 6c 3e 68 74 74 70 3a 2f 2f 77 63 64 6f 77 6e 6c 6f 61 64 65 72 63 64 6e 2e 6c 61 76 61 73 6f 66 74 2e 63 6f 6d 2f 39 2e 31 2e 30 2e 39
                                                  Data Ascii: ersion>9.1.0.993</Version><DownloadUrl>http://wcdownloadercdn.lavasoft.com/9.1.0.993/WcInstaller.exe</DownloadUrl></ComponentInfoResponse><ComponentInfoResponse><Name>webcompanion</Name><Version>9.1.0.993</Version><DownloadUrl>http://wcdownloa


                                                  HTTPS Proxied Packets

                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  0192.168.2.84970749.12.121.474432168C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-07-22 10:50:20 UTC158OUTGET /offer.php?v=1&c=2021a HTTP/1.1
                                                  User-Agent: NSIS_Inetc (Mozilla)
                                                  Host: offers.filezilla-project.org
                                                  Connection: Keep-Alive
                                                  Cache-Control: no-cache
                                                  2024-07-22 10:50:20 UTC409INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:50:20 GMT
                                                  Server: Apache
                                                  Cache-Control: no-store, must-revalidate
                                                  Strict-Transport-Security: max-age=315360000; includeSubDomains; preload
                                                  Upgrade: h2
                                                  Connection: Upgrade, close
                                                  Vary: Accept-Encoding
                                                  X-Content-Type-Options: nosniff
                                                  X-XSS-Protection: 1; mode=block
                                                  X-Frame-Options: deny
                                                  Transfer-Encoding: chunked
                                                  Content-Type: text/html; charset=UTF-8
                                                  2024-07-22 10:50:20 UTC7654INData Raw: 31 64 64 39 0d 0a 75 72 6c 0a 68 74 74 70 73 3a 2f 2f 6f 66 66 65 72 73 2e 66 69 6c 65 7a 69 6c 6c 61 2d 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 67 65 74 2e 70 68 70 3f 6f 66 66 65 72 3d 32 30 32 31 61 0a 66 69 6c 65 6e 61 6d 65 0a 57 63 49 6e 73 74 61 6c 6c 65 72 2e 65 78 65 0a 61 72 67 73 0a 2d 2d 73 69 6c 65 6e 74 20 2d 2d 70 61 72 74 6e 65 72 3d 46 5a 32 31 30 34 32 37 20 2d 2d 73 65 61 72 63 68 65 6e 62 6c 0a 73 6b 69 70 72 65 67 0a 48 4b 4c 4d 0a 53 4f 46 54 57 41 52 45 5c 4c 61 76 61 73 6f 66 74 5c 57 65 62 20 43 6f 6d 70 61 6e 69 6f 6e 0a 49 6e 73 74 61 6c 6c 65 64 0a 73 6b 69 70 72 65 67 0a 48 4b 43 55 0a 53 4f 46 54 57 41 52 45 5c 4c 61 76 61 73 6f 66 74 5c 57 65 62 20 43 6f 6d 70 61 6e 69 6f 6e 0a 49 6e 73 74 61 6c 6c 65 64 0a 63 6f 6e 74 72 6f 6c
                                                  Data Ascii: 1dd9urlhttps://offers.filezilla-project.org/get.php?offer=2021afilenameWcInstaller.exeargs--silent --partner=FZ210427 --searchenblskipregHKLMSOFTWARE\Lavasoft\Web CompanionInstalledskipregHKCUSOFTWARE\Lavasoft\Web CompanionInstalledcontrol


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  1192.168.2.84970849.12.121.474432168C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-07-22 10:50:29 UTC156OUTGET /get.php?offer=2021a HTTP/1.1
                                                  User-Agent: NSIS_Inetc (Mozilla)
                                                  Host: offers.filezilla-project.org
                                                  Connection: Keep-Alive
                                                  Cache-Control: no-cache
                                                  2024-07-22 10:50:30 UTC409INHTTP/1.1 302 Found
                                                  Date: Mon, 22 Jul 2024 10:50:30 GMT
                                                  Server: Apache
                                                  Strict-Transport-Security: max-age=315360000; includeSubDomains; preload
                                                  Upgrade: h2
                                                  Connection: Upgrade, close
                                                  Location: https://webcompanion.com/nano_download.php?partner=FZ210427
                                                  X-Content-Type-Options: nosniff
                                                  X-XSS-Protection: 1; mode=block
                                                  X-Frame-Options: deny
                                                  Content-Length: 0
                                                  Content-Type: text/html; charset=UTF-8


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  2192.168.2.849709104.19.208.1524432168C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-07-22 10:50:30 UTC159OUTGET /nano_download.php?partner=FZ210427 HTTP/1.1
                                                  User-Agent: NSIS_Inetc (Mozilla)
                                                  Connection: Keep-Alive
                                                  Cache-Control: no-cache
                                                  Host: webcompanion.com
                                                  2024-07-22 10:50:30 UTC500INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:50:30 GMT
                                                  Content-Type: application/octet-stream
                                                  Content-Length: 565920
                                                  Connection: close
                                                  X-Powered-By: PHP/7.2.34
                                                  Expires: Mon, 22 Jul 2024 10:55:30 GMT
                                                  Cache-Control: public, max-age=300
                                                  Pragma: public
                                                  Content-Disposition: attachment; filename=WcInstaller.exe
                                                  Content-Transfer-Encoding: binary
                                                  CF-Cache-Status: HIT
                                                  Age: 40
                                                  Last-Modified: Mon, 22 Jul 2024 10:49:50 GMT
                                                  Accept-Ranges: bytes
                                                  Server: cloudflare
                                                  CF-RAY: 8a72dec71ca34396-EWR
                                                  2024-07-22 10:50:30 UTC869INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 1e 1d 57 9d 7f 73 04 9d 7f 73 04 9d 7f 73 04 1e 63 7d 04 84 7f 73 04 ab 59 79 04 dd 7f 73 04 13 77 2c 04 9c 7f 73 04 9d 7f 72 04 2f 7f 73 04 1e 77 2e 04 94 7f 73 04 ab 59 78 04 d0 7f 73 04 f2 09 d9 04 9a 7f 73 04 f2 09 ed 04 9c 7f 73 04 5a 79 75 04 9c 7f 73 04 52 69 63 68 9d 7f 73 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 ce 88 ac 4d 00 00 00
                                                  Data Ascii: MZ@!L!This program cannot be run in DOS mode.$Wsssc}sYysw,sr/sw.sYxsssZyusRichsPELM
                                                  2024-07-22 10:50:30 UTC1369INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e9 00 00 00 00 c6 05 64 00 42 00 3b c6 05 78 00 42 00 3b c3 55 8b ec 81 ec 34 01 00 00 8b 45 08 53 56 57 a3 64 31 42 00 e8 4e 0a 00 00 6a 03 33 db 5f 8d 8d 68 ff ff ff 57 a2 68 31 42 00 89 9d 68 ff ff ff 89 9d 6c ff ff ff 89 9d 70 ff ff ff e8 38 11 00 00 57 8d 4d e4 89 5d e4 89 5d e8 89 5d ec e8 26
                                                  Data Ascii: dB;xB;U4ESVWd1BNj3_hWh1Bhlp8WM]]]&
                                                  2024-07-22 10:50:30 UTC1369INData Raw: e8 da 07 00 00 ff 35 60 00 42 00 8d 8d 74 ff ff ff e8 fb 3d 00 00 84 c0 75 19 38 5d 0b 75 0c ba 34 01 42 00 33 c9 e8 d7 f9 00 00 6a 01 5b e9 0a 05 00 00 6a 1c e8 45 25 00 00 8b f0 59 3b f3 74 13 8d 4e 08 89 5e 04 e8 20 0a 00 00 c7 06 30 b3 41 00 eb 02 33 f6 3b f3 74 06 8b 06 56 ff 50 04 8b ce e8 69 6a 00 00 85 c0 74 11 ba 0c 01 42 00 33 c9 e8 8b f9 00 00 e9 03 01 00 00 8d 85 78 ff ff ff 8d 8d 48 ff ff ff 50 e8 ca 07 00 00 57 8d 4d d8 88 5d ff 89 5d d8 89 5d dc 89 5d e0 e8 2c 0c 00 00 8d 45 d8 8d 55 9c 50 8d 45 ff 50 8d 85 48 ff ff ff ff b5 38 ff ff ff 8b ce 50 e8 7e 19 00 00 3b c3 74 74 38 5d 0b 75 67 83 f8 01 74 05 38 5d ff 74 28 6a 08 8d 8d 20 ff ff ff 5a e8 30 49 00 00 50 8d 4d d8 e8 05 08 00 00 ff b5 20 ff ff ff e8 ae 24 00 00 59 b8 05 40 00 80 3d 04
                                                  Data Ascii: 5`Bt=u8]u4B3j[jE%Y;tN^ 0A3;tVPijtB3xHPWM]]]],EUPEPH8P~;tt8]ugt8]t(j Z0IPM $Y@=
                                                  2024-07-22 10:50:30 UTC1369INData Raw: 00 00 ff b5 3c ff ff ff e8 3f 20 00 00 83 c4 0c ff 75 a8 e8 34 20 00 00 ff 75 9c e8 2c 20 00 00 ff 75 90 e8 24 20 00 00 ff 75 b4 e8 1c 20 00 00 ff 75 e4 e8 14 20 00 00 ff b5 68 ff ff ff e8 09 20 00 00 83 c4 18 8b c3 5f 5e 5b c9 c2 10 00 51 83 64 24 00 00 56 8b f1 6a 00 e8 18 23 00 00 8b c6 5e 59 c3 55 8b ec 81 ec 94 00 00 00 8d 85 6c ff ff ff c7 85 6c ff ff ff 94 00 00 00 50 ff 15 98 b0 41 00 85 c0 74 0e 83 bd 7c ff ff ff 02 75 05 6a 01 58 c9 c3 33 c0 c9 c3 56 8b 74 24 08 ff 4e 04 8b 46 04 75 14 85 f6 74 0e 8b ce e8 0d 00 00 00 56 e8 94 1f 00 00 59 33 c0 5e c2 04 00 b8 84 8e 41 00 e8 44 1c 01 00 51 56 8d 71 08 89 75 f0 c7 06 44 b3 41 00 83 65 fc 00 8b ce e8 50 28 00 00 83 4d fc ff 8b ce e8 1c 28 00 00 8b 4d f4 5e 64 89 0d 00 00 00 00 c9 c3 b8 98 8e 41 00
                                                  Data Ascii: <? u4 u, u$ u u h _^[Qd$Vj#^YUllPAt|ujX3Vt$NFutVY3^ADQVquDAeP(M(M^dA
                                                  2024-07-22 10:50:30 UTC1369INData Raw: 08 8b 43 0c 8b 0c 30 85 c9 89 4d fc 74 0e e8 2c 01 00 00 ff 75 fc e8 d8 1a 00 00 59 83 c6 04 ff 4d 08 75 dd 5e ff 75 0c 8b cb 57 e8 f7 24 00 00 5f 5b c9 c2 08 00 55 8b ec 51 53 8b d9 8b 4d 0c 57 8b 7d 08 8b 43 08 03 cf 3b c8 7e 05 2b c7 89 45 0c 8b 45 0c 85 c0 7e 2d 56 8b f7 c1 e6 02 89 45 08 8b 43 0c 8b 0c 30 85 c9 89 4d fc 74 0e e8 78 01 00 00 ff 75 fc e8 77 1a 00 00 59 83 c6 04 ff 4d 08 75 dd 5e ff 75 0c 8b cb 57 e8 96 24 00 00 5f 5b c9 c2 08 00 56 8b f1 e8 14 00 00 00 f6 44 24 08 01 74 07 56 e8 47 1a 00 00 59 8b c6 5e c2 04 00 b8 ac 8e 41 00 e8 f7 16 01 00 51 56 8b f1 89 75 f0 c7 06 44 b3 41 00 83 65 fc 00 e8 06 23 00 00 83 4d fc ff 8b ce e8 d2 22 00 00 8b 4d f4 5e 64 89 0d 00 00 00 00 c9 c3 56 8b f1 e8 14 00 00 00 f6 44 24 08 01 74 07 56 e8 f3 19 00
                                                  Data Ascii: C0Mt,uYMu^uW$_[UQSMW}C;~+EE~-VEC0MtxuwYMu^uW$_[VD$tVGY^AQVuDAe#M"M^dVD$tV
                                                  2024-07-22 10:50:30 UTC1369INData Raw: eb 0f 33 c0 83 ff 08 0f 9e c0 48 83 e0 0c 83 c0 04 8d 14 30 3b d3 7d 04 2b de 8b c3 03 f8 57 e8 6e ff ff ff 5f 5e 5b c2 04 00 53 56 8b 5c 24 0c 57 8b f9 8b 37 66 8b 16 8b 0b e8 66 15 00 00 85 c0 7c 0d 66 83 3e 00 74 07 46 46 66 8b 16 eb e8 2b 37 8b cf d1 fe 56 6a 00 e8 e4 fe ff ff 5f 5e 5b c2 04 00 53 8b d9 56 57 8b 3b 33 f6 66 8b 17 66 85 d2 74 39 8b 44 24 10 8b 08 e8 25 15 00 00 85 c0 7c 08 85 f6 75 06 8b f7 eb 02 33 f6 47 47 66 8b 17 66 85 d2 75 dd 85 f6 74 12 2b 33 8b 43 04 8b cb d1 fe 2b c6 50 56 e8 94 fe ff ff 5f 5e 5b c2 04 00 53 56 8b f1 57 8b 7c 24 10 8b 46 04 39 07 7e 02 89 07 8b 5c 24 14 8b ce 53 e8 46 fc ff ff 8b 07 8b 0e 8b d0 69 d2 ff ff ff 7f 03 56 04 8d 54 12 02 52 8d 14 41 03 c3 52 8d 04 41 50 e8 92 11 01 00 83 c4 0c 5f 5e 5b c2 08 00 b8
                                                  Data Ascii: 3H0;}+Wn_^[SV\$W7ff|f>tFFf+7Vj_^[SVW;3fft9D$%|u3GGffut+3C+PV_^[SVW|$F9~\$SFiVTRARAP_^[
                                                  2024-07-22 10:50:30 UTC1369INData Raw: 8d 4d e8 c6 45 fc 04 e8 01 1b 00 00 39 5d cc 75 0c 89 7d c4 c6 45 fc 05 e9 f3 00 00 00 8d 45 e8 8d 4d 9c 50 e8 cb f2 ff ff 38 5e 40 c6 45 fc 06 75 08 8d 4d c4 e8 f5 18 00 00 39 5d cc 74 10 38 5d 0b 75 0b 8d 45 c4 8b ce 50 e8 36 fd ff ff 8d 45 9c 8d 56 10 50 8d 4d b8 e8 b5 fb ff ff 38 5e 40 c6 45 fc 07 74 42 83 c6 28 8d 45 b8 50 8b ce e8 18 f3 ff ff 38 5d 0b 8b 0e 74 07 e8 0c 1f 00 00 eb 0b ff 75 0c 33 d2 53 e8 58 1e 00 00 ff 75 b8 e8 ab 0f 00 00 ff 75 9c e8 a3 0f 00 00 59 89 7d c4 59 c6 45 fc 08 eb 6c 8d 8d 7c ff ff ff e8 c7 f1 ff ff ff 75 b8 8d 8d 54 ff ff ff c6 45 fc 09 e8 38 2b 00 00 84 c0 0f 84 83 00 00 00 8b 4d b8 e8 31 21 00 00 84 c0 75 77 ff 35 80 02 42 00 8d 8e e4 00 00 00 e8 43 f2 ff ff ff b5 7c ff ff ff e8 4b 0f 00 00 ff 75 b8 e8 43 0f 00 00 ff
                                                  Data Ascii: ME9]u}EEMP8^@EuM9]t8]uEP6EVPM8^@EtB(EP8]tu3SXuuY}YEl|uTE8+M1!uw5BC|KuC
                                                  2024-07-22 10:50:30 UTC1369INData Raw: 5d 0c 0f 84 9d 00 00 00 8b 45 88 c7 80 d8 00 00 00 01 00 00 00 89 5d 0c 8d 85 6c ff ff ff ba ca 32 40 00 50 8d 4d 0c c6 45 fc 02 e8 45 00 01 00 8b f0 3b f3 74 0d 8d 4d 0c e8 f7 ff 00 00 e9 a1 00 00 00 6a 03 8d 4d e8 89 5d e8 89 5d ec 89 5d f0 e8 bc f1 ff ff 6a 45 8d 4d dc 5a c6 45 fc 03 e8 f1 2e 00 00 50 8d 4d e8 c6 45 fc 04 e8 c2 ed ff ff c6 45 fc 03 ff 75 dc e8 6a 0a 00 00 59 8d 45 0c 8b 4d 88 50 8d 45 e8 50 e8 7c 00 00 00 ff 75 e8 e8 51 0a 00 00 59 88 5d fc 8d 4d 0c e8 92 ff 00 00 eb 0b 8d 8d 6c ff ff ff e8 d1 00 00 00 8b 75 14 8d 45 d0 50 8b ce e8 76 ed ff ff 39 5e 04 75 10 8b 45 88 8b ce 05 e4 00 00 00 50 e8 61 ed ff ff 8b 45 88 8b 4d 10 8b 75 cc 8a 80 e0 00 00 00 88 01 83 4d fc ff 8d 8d 6c ff ff ff e8 05 04 00 00 8b 4d f4 8b c6 5f 5e 5b 64 89 0d 00
                                                  Data Ascii: ]E]l2@PMEE;tMjM]]]jEMZE.PMEEujYEMPEP|uQY]MluEPv9^uEPaEMuMlM_^[d
                                                  2024-07-22 10:50:30 UTC1369INData Raw: 01 00 51 56 8b f1 57 33 ff c7 06 d4 b3 41 00 c7 46 04 c8 b3 41 00 89 7e 08 89 75 f0 89 7e 0c 8d 4e 10 6a 03 89 7d fc 89 39 89 79 04 89 79 08 e8 85 ec ff ff 8d 4e 1c 6a 03 c6 45 fc 01 89 39 89 79 04 89 79 08 e8 6f ec ff ff 8d 4e 28 6a 03 c6 45 fc 02 89 39 89 79 04 89 79 08 e8 59 ec ff ff 89 7e 4c 8d 4e 50 6a 03 c6 45 fc 04 89 39 89 79 04 89 79 08 e8 40 ec ff ff 8d 4e 68 c6 45 fc 05 e8 36 00 00 00 8d 8e e4 00 00 00 6a 03 c6 45 fc 06 89 39 89 79 04 89 79 08 e8 1b ec ff ff 8b 4d f4 c7 06 a4 b3 41 00 c7 46 04 98 b3 41 00 8b c6 5f 5e 64 89 0d 00 00 00 00 c9 c3 b8 b5 91 41 00 e8 8b 01 01 00 51 51 53 56 8b f1 33 db 57 89 75 ec 89 5e 04 c7 06 24 b4 41 00 8d 4e 0c 89 5e 08 6a 03 89 5d fc 89 19 89 59 04 89 59 08 e8 c7 eb ff ff 8d 7e 3c 89 5e 30 89 1f 8d 4e 40 c6 45
                                                  Data Ascii: QVW3AFA~u~Nj}9yyNjE9yyoN(jE9yyY~LNPjE9yy@NhE6jE9yyMAFA_^dAQQSV3Wu^$AN^j]YY~<^0N@E
                                                  2024-07-22 10:50:30 UTC1369INData Raw: 7f ec 8b 45 fc 5f 5e 5b 66 83 20 00 c9 c2 08 00 55 8b ec ff 75 08 e8 ed 01 01 00 85 c0 59 75 14 8a 45 0b 68 68 c6 41 00 88 45 0b 8d 45 0b 50 e8 ac 00 01 00 5d c3 ff 74 24 04 e8 03 03 01 00 59 c3 56 66 8b 31 8b c1 66 3b f2 74 0c 66 85 f6 74 0d 40 40 66 8b 30 eb ef 2b c1 5e d1 f8 c3 83 c8 ff 5e c3 55 8b ec 51 51 53 33 db 66 3b cb 56 66 89 4d fe 75 05 66 33 c0 eb 66 0f b7 c1 50 ff 15 d4 b1 41 00 8b f0 3b f3 75 53 ff 15 b0 b0 41 00 83 f8 78 75 48 53 53 8d 45 f8 6a 04 50 8d 45 fe 6a 01 50 53 53 ff 15 ac b0 41 00 8b f0 3b f3 74 26 83 fe 04 7f 21 8d 45 f8 88 5c 35 f8 50 ff 15 d8 b1 41 00 8d 45 fe 6a 01 50 8d 45 f8 56 50 53 53 ff 15 a8 b0 41 00 66 8b 45 fe eb 03 66 8b c6 5e 5b c9 c3 56 66 8b 01 66 8b 32 41 41 42 42 66 3b c6 72 09 77 0c 66 85 c0 74 0c eb e8 83 c8
                                                  Data Ascii: E_^[f UuYuEhhAEEP]t$YVf1f;tft@@f0+^^UQQS3f;VfMuf3fPA;uSAxuHSSEjPEjPSSA;t&!E\5PAEjPEVPSSAfEf^[Vff2AABBf;rwft


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  3192.168.2.84971449.12.121.474432168C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-07-22 10:50:36 UTC156OUTGET /get.php?offer=2021a HTTP/1.1
                                                  User-Agent: NSIS_Inetc (Mozilla)
                                                  Host: offers.filezilla-project.org
                                                  Connection: Keep-Alive
                                                  Cache-Control: no-cache
                                                  2024-07-22 10:50:36 UTC409INHTTP/1.1 302 Found
                                                  Date: Mon, 22 Jul 2024 10:50:36 GMT
                                                  Server: Apache
                                                  Strict-Transport-Security: max-age=315360000; includeSubDomains; preload
                                                  Upgrade: h2
                                                  Connection: Upgrade, close
                                                  Location: https://webcompanion.com/nano_download.php?partner=FZ210427
                                                  X-Content-Type-Options: nosniff
                                                  X-XSS-Protection: 1; mode=block
                                                  X-Frame-Options: deny
                                                  Content-Length: 0
                                                  Content-Type: text/html; charset=UTF-8


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  4192.168.2.849715104.19.208.1524432168C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-07-22 10:50:37 UTC159OUTGET /nano_download.php?partner=FZ210427 HTTP/1.1
                                                  User-Agent: NSIS_Inetc (Mozilla)
                                                  Connection: Keep-Alive
                                                  Cache-Control: no-cache
                                                  Host: webcompanion.com
                                                  2024-07-22 10:50:37 UTC500INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:50:37 GMT
                                                  Content-Type: application/octet-stream
                                                  Content-Length: 565920
                                                  Connection: close
                                                  X-Powered-By: PHP/7.2.34
                                                  Expires: Mon, 22 Jul 2024 10:55:37 GMT
                                                  Cache-Control: public, max-age=300
                                                  Pragma: public
                                                  Content-Disposition: attachment; filename=WcInstaller.exe
                                                  Content-Transfer-Encoding: binary
                                                  CF-Cache-Status: HIT
                                                  Age: 47
                                                  Last-Modified: Mon, 22 Jul 2024 10:49:50 GMT
                                                  Accept-Ranges: bytes
                                                  Server: cloudflare
                                                  CF-RAY: 8a72deedffe08ce9-EWR
                                                  2024-07-22 10:50:37 UTC869INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 1e 1d 57 9d 7f 73 04 9d 7f 73 04 9d 7f 73 04 1e 63 7d 04 84 7f 73 04 ab 59 79 04 dd 7f 73 04 13 77 2c 04 9c 7f 73 04 9d 7f 72 04 2f 7f 73 04 1e 77 2e 04 94 7f 73 04 ab 59 78 04 d0 7f 73 04 f2 09 d9 04 9a 7f 73 04 f2 09 ed 04 9c 7f 73 04 5a 79 75 04 9c 7f 73 04 52 69 63 68 9d 7f 73 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 ce 88 ac 4d 00 00 00
                                                  Data Ascii: MZ@!L!This program cannot be run in DOS mode.$Wsssc}sYysw,sr/sw.sYxsssZyusRichsPELM
                                                  2024-07-22 10:50:37 UTC1369INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e9 00 00 00 00 c6 05 64 00 42 00 3b c6 05 78 00 42 00 3b c3 55 8b ec 81 ec 34 01 00 00 8b 45 08 53 56 57 a3 64 31 42 00 e8 4e 0a 00 00 6a 03 33 db 5f 8d 8d 68 ff ff ff 57 a2 68 31 42 00 89 9d 68 ff ff ff 89 9d 6c ff ff ff 89 9d 70 ff ff ff e8 38 11 00 00 57 8d 4d e4 89 5d e4 89 5d e8 89 5d ec e8 26
                                                  Data Ascii: dB;xB;U4ESVWd1BNj3_hWh1Bhlp8WM]]]&
                                                  2024-07-22 10:50:37 UTC1369INData Raw: e8 da 07 00 00 ff 35 60 00 42 00 8d 8d 74 ff ff ff e8 fb 3d 00 00 84 c0 75 19 38 5d 0b 75 0c ba 34 01 42 00 33 c9 e8 d7 f9 00 00 6a 01 5b e9 0a 05 00 00 6a 1c e8 45 25 00 00 8b f0 59 3b f3 74 13 8d 4e 08 89 5e 04 e8 20 0a 00 00 c7 06 30 b3 41 00 eb 02 33 f6 3b f3 74 06 8b 06 56 ff 50 04 8b ce e8 69 6a 00 00 85 c0 74 11 ba 0c 01 42 00 33 c9 e8 8b f9 00 00 e9 03 01 00 00 8d 85 78 ff ff ff 8d 8d 48 ff ff ff 50 e8 ca 07 00 00 57 8d 4d d8 88 5d ff 89 5d d8 89 5d dc 89 5d e0 e8 2c 0c 00 00 8d 45 d8 8d 55 9c 50 8d 45 ff 50 8d 85 48 ff ff ff ff b5 38 ff ff ff 8b ce 50 e8 7e 19 00 00 3b c3 74 74 38 5d 0b 75 67 83 f8 01 74 05 38 5d ff 74 28 6a 08 8d 8d 20 ff ff ff 5a e8 30 49 00 00 50 8d 4d d8 e8 05 08 00 00 ff b5 20 ff ff ff e8 ae 24 00 00 59 b8 05 40 00 80 3d 04
                                                  Data Ascii: 5`Bt=u8]u4B3j[jE%Y;tN^ 0A3;tVPijtB3xHPWM]]]],EUPEPH8P~;tt8]ugt8]t(j Z0IPM $Y@=
                                                  2024-07-22 10:50:37 UTC1369INData Raw: 00 00 ff b5 3c ff ff ff e8 3f 20 00 00 83 c4 0c ff 75 a8 e8 34 20 00 00 ff 75 9c e8 2c 20 00 00 ff 75 90 e8 24 20 00 00 ff 75 b4 e8 1c 20 00 00 ff 75 e4 e8 14 20 00 00 ff b5 68 ff ff ff e8 09 20 00 00 83 c4 18 8b c3 5f 5e 5b c9 c2 10 00 51 83 64 24 00 00 56 8b f1 6a 00 e8 18 23 00 00 8b c6 5e 59 c3 55 8b ec 81 ec 94 00 00 00 8d 85 6c ff ff ff c7 85 6c ff ff ff 94 00 00 00 50 ff 15 98 b0 41 00 85 c0 74 0e 83 bd 7c ff ff ff 02 75 05 6a 01 58 c9 c3 33 c0 c9 c3 56 8b 74 24 08 ff 4e 04 8b 46 04 75 14 85 f6 74 0e 8b ce e8 0d 00 00 00 56 e8 94 1f 00 00 59 33 c0 5e c2 04 00 b8 84 8e 41 00 e8 44 1c 01 00 51 56 8d 71 08 89 75 f0 c7 06 44 b3 41 00 83 65 fc 00 8b ce e8 50 28 00 00 83 4d fc ff 8b ce e8 1c 28 00 00 8b 4d f4 5e 64 89 0d 00 00 00 00 c9 c3 b8 98 8e 41 00
                                                  Data Ascii: <? u4 u, u$ u u h _^[Qd$Vj#^YUllPAt|ujX3Vt$NFutVY3^ADQVquDAeP(M(M^dA
                                                  2024-07-22 10:50:37 UTC1369INData Raw: 08 8b 43 0c 8b 0c 30 85 c9 89 4d fc 74 0e e8 2c 01 00 00 ff 75 fc e8 d8 1a 00 00 59 83 c6 04 ff 4d 08 75 dd 5e ff 75 0c 8b cb 57 e8 f7 24 00 00 5f 5b c9 c2 08 00 55 8b ec 51 53 8b d9 8b 4d 0c 57 8b 7d 08 8b 43 08 03 cf 3b c8 7e 05 2b c7 89 45 0c 8b 45 0c 85 c0 7e 2d 56 8b f7 c1 e6 02 89 45 08 8b 43 0c 8b 0c 30 85 c9 89 4d fc 74 0e e8 78 01 00 00 ff 75 fc e8 77 1a 00 00 59 83 c6 04 ff 4d 08 75 dd 5e ff 75 0c 8b cb 57 e8 96 24 00 00 5f 5b c9 c2 08 00 56 8b f1 e8 14 00 00 00 f6 44 24 08 01 74 07 56 e8 47 1a 00 00 59 8b c6 5e c2 04 00 b8 ac 8e 41 00 e8 f7 16 01 00 51 56 8b f1 89 75 f0 c7 06 44 b3 41 00 83 65 fc 00 e8 06 23 00 00 83 4d fc ff 8b ce e8 d2 22 00 00 8b 4d f4 5e 64 89 0d 00 00 00 00 c9 c3 56 8b f1 e8 14 00 00 00 f6 44 24 08 01 74 07 56 e8 f3 19 00
                                                  Data Ascii: C0Mt,uYMu^uW$_[UQSMW}C;~+EE~-VEC0MtxuwYMu^uW$_[VD$tVGY^AQVuDAe#M"M^dVD$tV
                                                  2024-07-22 10:50:37 UTC1369INData Raw: eb 0f 33 c0 83 ff 08 0f 9e c0 48 83 e0 0c 83 c0 04 8d 14 30 3b d3 7d 04 2b de 8b c3 03 f8 57 e8 6e ff ff ff 5f 5e 5b c2 04 00 53 56 8b 5c 24 0c 57 8b f9 8b 37 66 8b 16 8b 0b e8 66 15 00 00 85 c0 7c 0d 66 83 3e 00 74 07 46 46 66 8b 16 eb e8 2b 37 8b cf d1 fe 56 6a 00 e8 e4 fe ff ff 5f 5e 5b c2 04 00 53 8b d9 56 57 8b 3b 33 f6 66 8b 17 66 85 d2 74 39 8b 44 24 10 8b 08 e8 25 15 00 00 85 c0 7c 08 85 f6 75 06 8b f7 eb 02 33 f6 47 47 66 8b 17 66 85 d2 75 dd 85 f6 74 12 2b 33 8b 43 04 8b cb d1 fe 2b c6 50 56 e8 94 fe ff ff 5f 5e 5b c2 04 00 53 56 8b f1 57 8b 7c 24 10 8b 46 04 39 07 7e 02 89 07 8b 5c 24 14 8b ce 53 e8 46 fc ff ff 8b 07 8b 0e 8b d0 69 d2 ff ff ff 7f 03 56 04 8d 54 12 02 52 8d 14 41 03 c3 52 8d 04 41 50 e8 92 11 01 00 83 c4 0c 5f 5e 5b c2 08 00 b8
                                                  Data Ascii: 3H0;}+Wn_^[SV\$W7ff|f>tFFf+7Vj_^[SVW;3fft9D$%|u3GGffut+3C+PV_^[SVW|$F9~\$SFiVTRARAP_^[
                                                  2024-07-22 10:50:37 UTC1369INData Raw: 8d 4d e8 c6 45 fc 04 e8 01 1b 00 00 39 5d cc 75 0c 89 7d c4 c6 45 fc 05 e9 f3 00 00 00 8d 45 e8 8d 4d 9c 50 e8 cb f2 ff ff 38 5e 40 c6 45 fc 06 75 08 8d 4d c4 e8 f5 18 00 00 39 5d cc 74 10 38 5d 0b 75 0b 8d 45 c4 8b ce 50 e8 36 fd ff ff 8d 45 9c 8d 56 10 50 8d 4d b8 e8 b5 fb ff ff 38 5e 40 c6 45 fc 07 74 42 83 c6 28 8d 45 b8 50 8b ce e8 18 f3 ff ff 38 5d 0b 8b 0e 74 07 e8 0c 1f 00 00 eb 0b ff 75 0c 33 d2 53 e8 58 1e 00 00 ff 75 b8 e8 ab 0f 00 00 ff 75 9c e8 a3 0f 00 00 59 89 7d c4 59 c6 45 fc 08 eb 6c 8d 8d 7c ff ff ff e8 c7 f1 ff ff ff 75 b8 8d 8d 54 ff ff ff c6 45 fc 09 e8 38 2b 00 00 84 c0 0f 84 83 00 00 00 8b 4d b8 e8 31 21 00 00 84 c0 75 77 ff 35 80 02 42 00 8d 8e e4 00 00 00 e8 43 f2 ff ff ff b5 7c ff ff ff e8 4b 0f 00 00 ff 75 b8 e8 43 0f 00 00 ff
                                                  Data Ascii: ME9]u}EEMP8^@EuM9]t8]uEP6EVPM8^@EtB(EP8]tu3SXuuY}YEl|uTE8+M1!uw5BC|KuC
                                                  2024-07-22 10:50:37 UTC1369INData Raw: 5d 0c 0f 84 9d 00 00 00 8b 45 88 c7 80 d8 00 00 00 01 00 00 00 89 5d 0c 8d 85 6c ff ff ff ba ca 32 40 00 50 8d 4d 0c c6 45 fc 02 e8 45 00 01 00 8b f0 3b f3 74 0d 8d 4d 0c e8 f7 ff 00 00 e9 a1 00 00 00 6a 03 8d 4d e8 89 5d e8 89 5d ec 89 5d f0 e8 bc f1 ff ff 6a 45 8d 4d dc 5a c6 45 fc 03 e8 f1 2e 00 00 50 8d 4d e8 c6 45 fc 04 e8 c2 ed ff ff c6 45 fc 03 ff 75 dc e8 6a 0a 00 00 59 8d 45 0c 8b 4d 88 50 8d 45 e8 50 e8 7c 00 00 00 ff 75 e8 e8 51 0a 00 00 59 88 5d fc 8d 4d 0c e8 92 ff 00 00 eb 0b 8d 8d 6c ff ff ff e8 d1 00 00 00 8b 75 14 8d 45 d0 50 8b ce e8 76 ed ff ff 39 5e 04 75 10 8b 45 88 8b ce 05 e4 00 00 00 50 e8 61 ed ff ff 8b 45 88 8b 4d 10 8b 75 cc 8a 80 e0 00 00 00 88 01 83 4d fc ff 8d 8d 6c ff ff ff e8 05 04 00 00 8b 4d f4 8b c6 5f 5e 5b 64 89 0d 00
                                                  Data Ascii: ]E]l2@PMEE;tMjM]]]jEMZE.PMEEujYEMPEP|uQY]MluEPv9^uEPaEMuMlM_^[d
                                                  2024-07-22 10:50:37 UTC1369INData Raw: 01 00 51 56 8b f1 57 33 ff c7 06 d4 b3 41 00 c7 46 04 c8 b3 41 00 89 7e 08 89 75 f0 89 7e 0c 8d 4e 10 6a 03 89 7d fc 89 39 89 79 04 89 79 08 e8 85 ec ff ff 8d 4e 1c 6a 03 c6 45 fc 01 89 39 89 79 04 89 79 08 e8 6f ec ff ff 8d 4e 28 6a 03 c6 45 fc 02 89 39 89 79 04 89 79 08 e8 59 ec ff ff 89 7e 4c 8d 4e 50 6a 03 c6 45 fc 04 89 39 89 79 04 89 79 08 e8 40 ec ff ff 8d 4e 68 c6 45 fc 05 e8 36 00 00 00 8d 8e e4 00 00 00 6a 03 c6 45 fc 06 89 39 89 79 04 89 79 08 e8 1b ec ff ff 8b 4d f4 c7 06 a4 b3 41 00 c7 46 04 98 b3 41 00 8b c6 5f 5e 64 89 0d 00 00 00 00 c9 c3 b8 b5 91 41 00 e8 8b 01 01 00 51 51 53 56 8b f1 33 db 57 89 75 ec 89 5e 04 c7 06 24 b4 41 00 8d 4e 0c 89 5e 08 6a 03 89 5d fc 89 19 89 59 04 89 59 08 e8 c7 eb ff ff 8d 7e 3c 89 5e 30 89 1f 8d 4e 40 c6 45
                                                  Data Ascii: QVW3AFA~u~Nj}9yyNjE9yyoN(jE9yyY~LNPjE9yy@NhE6jE9yyMAFA_^dAQQSV3Wu^$AN^j]YY~<^0N@E
                                                  2024-07-22 10:50:37 UTC1369INData Raw: 7f ec 8b 45 fc 5f 5e 5b 66 83 20 00 c9 c2 08 00 55 8b ec ff 75 08 e8 ed 01 01 00 85 c0 59 75 14 8a 45 0b 68 68 c6 41 00 88 45 0b 8d 45 0b 50 e8 ac 00 01 00 5d c3 ff 74 24 04 e8 03 03 01 00 59 c3 56 66 8b 31 8b c1 66 3b f2 74 0c 66 85 f6 74 0d 40 40 66 8b 30 eb ef 2b c1 5e d1 f8 c3 83 c8 ff 5e c3 55 8b ec 51 51 53 33 db 66 3b cb 56 66 89 4d fe 75 05 66 33 c0 eb 66 0f b7 c1 50 ff 15 d4 b1 41 00 8b f0 3b f3 75 53 ff 15 b0 b0 41 00 83 f8 78 75 48 53 53 8d 45 f8 6a 04 50 8d 45 fe 6a 01 50 53 53 ff 15 ac b0 41 00 8b f0 3b f3 74 26 83 fe 04 7f 21 8d 45 f8 88 5c 35 f8 50 ff 15 d8 b1 41 00 8d 45 fe 6a 01 50 8d 45 f8 56 50 53 53 ff 15 a8 b0 41 00 66 8b 45 fe eb 03 66 8b c6 5e 5b c9 c3 56 66 8b 01 66 8b 32 41 41 42 42 66 3b c6 72 09 77 0c 66 85 c0 74 0c eb e8 83 c8
                                                  Data Ascii: E_^[f UuYuEhhAEEP]t$YVf1f;tft@@f0+^^UQQS3f;VfMuf3fPA;uSAxuHSSEjPEjPSSA;t&!E\5PAEjPEVPSSAfEf^[Vff2AABBf;rwft


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  5192.168.2.84971649.12.121.474432168C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-07-22 10:50:37 UTC156OUTGET /get.php?offer=2021a HTTP/1.1
                                                  User-Agent: NSIS_Inetc (Mozilla)
                                                  Host: offers.filezilla-project.org
                                                  Connection: Keep-Alive
                                                  Cache-Control: no-cache
                                                  2024-07-22 10:50:37 UTC409INHTTP/1.1 302 Found
                                                  Date: Mon, 22 Jul 2024 10:50:37 GMT
                                                  Server: Apache
                                                  Strict-Transport-Security: max-age=315360000; includeSubDomains; preload
                                                  Upgrade: h2
                                                  Connection: Upgrade, close
                                                  Location: https://webcompanion.com/nano_download.php?partner=FZ210427
                                                  X-Content-Type-Options: nosniff
                                                  X-XSS-Protection: 1; mode=block
                                                  X-Frame-Options: deny
                                                  Content-Length: 0
                                                  Content-Type: text/html; charset=UTF-8


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  6192.168.2.849717104.19.208.1524432168C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-07-22 10:50:38 UTC159OUTGET /nano_download.php?partner=FZ210427 HTTP/1.1
                                                  User-Agent: NSIS_Inetc (Mozilla)
                                                  Connection: Keep-Alive
                                                  Cache-Control: no-cache
                                                  Host: webcompanion.com
                                                  2024-07-22 10:50:38 UTC500INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:50:38 GMT
                                                  Content-Type: application/octet-stream
                                                  Content-Length: 565920
                                                  Connection: close
                                                  X-Powered-By: PHP/7.2.34
                                                  Expires: Mon, 22 Jul 2024 10:55:38 GMT
                                                  Cache-Control: public, max-age=300
                                                  Pragma: public
                                                  Content-Disposition: attachment; filename=WcInstaller.exe
                                                  Content-Transfer-Encoding: binary
                                                  CF-Cache-Status: HIT
                                                  Age: 48
                                                  Last-Modified: Mon, 22 Jul 2024 10:49:50 GMT
                                                  Accept-Ranges: bytes
                                                  Server: cloudflare
                                                  CF-RAY: 8a72def44ea35e86-EWR
                                                  2024-07-22 10:50:38 UTC869INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 1e 1d 57 9d 7f 73 04 9d 7f 73 04 9d 7f 73 04 1e 63 7d 04 84 7f 73 04 ab 59 79 04 dd 7f 73 04 13 77 2c 04 9c 7f 73 04 9d 7f 72 04 2f 7f 73 04 1e 77 2e 04 94 7f 73 04 ab 59 78 04 d0 7f 73 04 f2 09 d9 04 9a 7f 73 04 f2 09 ed 04 9c 7f 73 04 5a 79 75 04 9c 7f 73 04 52 69 63 68 9d 7f 73 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 ce 88 ac 4d 00 00 00
                                                  Data Ascii: MZ@!L!This program cannot be run in DOS mode.$Wsssc}sYysw,sr/sw.sYxsssZyusRichsPELM
                                                  2024-07-22 10:50:38 UTC1369INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e9 00 00 00 00 c6 05 64 00 42 00 3b c6 05 78 00 42 00 3b c3 55 8b ec 81 ec 34 01 00 00 8b 45 08 53 56 57 a3 64 31 42 00 e8 4e 0a 00 00 6a 03 33 db 5f 8d 8d 68 ff ff ff 57 a2 68 31 42 00 89 9d 68 ff ff ff 89 9d 6c ff ff ff 89 9d 70 ff ff ff e8 38 11 00 00 57 8d 4d e4 89 5d e4 89 5d e8 89 5d ec e8 26
                                                  Data Ascii: dB;xB;U4ESVWd1BNj3_hWh1Bhlp8WM]]]&
                                                  2024-07-22 10:50:38 UTC1369INData Raw: e8 da 07 00 00 ff 35 60 00 42 00 8d 8d 74 ff ff ff e8 fb 3d 00 00 84 c0 75 19 38 5d 0b 75 0c ba 34 01 42 00 33 c9 e8 d7 f9 00 00 6a 01 5b e9 0a 05 00 00 6a 1c e8 45 25 00 00 8b f0 59 3b f3 74 13 8d 4e 08 89 5e 04 e8 20 0a 00 00 c7 06 30 b3 41 00 eb 02 33 f6 3b f3 74 06 8b 06 56 ff 50 04 8b ce e8 69 6a 00 00 85 c0 74 11 ba 0c 01 42 00 33 c9 e8 8b f9 00 00 e9 03 01 00 00 8d 85 78 ff ff ff 8d 8d 48 ff ff ff 50 e8 ca 07 00 00 57 8d 4d d8 88 5d ff 89 5d d8 89 5d dc 89 5d e0 e8 2c 0c 00 00 8d 45 d8 8d 55 9c 50 8d 45 ff 50 8d 85 48 ff ff ff ff b5 38 ff ff ff 8b ce 50 e8 7e 19 00 00 3b c3 74 74 38 5d 0b 75 67 83 f8 01 74 05 38 5d ff 74 28 6a 08 8d 8d 20 ff ff ff 5a e8 30 49 00 00 50 8d 4d d8 e8 05 08 00 00 ff b5 20 ff ff ff e8 ae 24 00 00 59 b8 05 40 00 80 3d 04
                                                  Data Ascii: 5`Bt=u8]u4B3j[jE%Y;tN^ 0A3;tVPijtB3xHPWM]]]],EUPEPH8P~;tt8]ugt8]t(j Z0IPM $Y@=
                                                  2024-07-22 10:50:38 UTC1369INData Raw: 00 00 ff b5 3c ff ff ff e8 3f 20 00 00 83 c4 0c ff 75 a8 e8 34 20 00 00 ff 75 9c e8 2c 20 00 00 ff 75 90 e8 24 20 00 00 ff 75 b4 e8 1c 20 00 00 ff 75 e4 e8 14 20 00 00 ff b5 68 ff ff ff e8 09 20 00 00 83 c4 18 8b c3 5f 5e 5b c9 c2 10 00 51 83 64 24 00 00 56 8b f1 6a 00 e8 18 23 00 00 8b c6 5e 59 c3 55 8b ec 81 ec 94 00 00 00 8d 85 6c ff ff ff c7 85 6c ff ff ff 94 00 00 00 50 ff 15 98 b0 41 00 85 c0 74 0e 83 bd 7c ff ff ff 02 75 05 6a 01 58 c9 c3 33 c0 c9 c3 56 8b 74 24 08 ff 4e 04 8b 46 04 75 14 85 f6 74 0e 8b ce e8 0d 00 00 00 56 e8 94 1f 00 00 59 33 c0 5e c2 04 00 b8 84 8e 41 00 e8 44 1c 01 00 51 56 8d 71 08 89 75 f0 c7 06 44 b3 41 00 83 65 fc 00 8b ce e8 50 28 00 00 83 4d fc ff 8b ce e8 1c 28 00 00 8b 4d f4 5e 64 89 0d 00 00 00 00 c9 c3 b8 98 8e 41 00
                                                  Data Ascii: <? u4 u, u$ u u h _^[Qd$Vj#^YUllPAt|ujX3Vt$NFutVY3^ADQVquDAeP(M(M^dA
                                                  2024-07-22 10:50:38 UTC1369INData Raw: 08 8b 43 0c 8b 0c 30 85 c9 89 4d fc 74 0e e8 2c 01 00 00 ff 75 fc e8 d8 1a 00 00 59 83 c6 04 ff 4d 08 75 dd 5e ff 75 0c 8b cb 57 e8 f7 24 00 00 5f 5b c9 c2 08 00 55 8b ec 51 53 8b d9 8b 4d 0c 57 8b 7d 08 8b 43 08 03 cf 3b c8 7e 05 2b c7 89 45 0c 8b 45 0c 85 c0 7e 2d 56 8b f7 c1 e6 02 89 45 08 8b 43 0c 8b 0c 30 85 c9 89 4d fc 74 0e e8 78 01 00 00 ff 75 fc e8 77 1a 00 00 59 83 c6 04 ff 4d 08 75 dd 5e ff 75 0c 8b cb 57 e8 96 24 00 00 5f 5b c9 c2 08 00 56 8b f1 e8 14 00 00 00 f6 44 24 08 01 74 07 56 e8 47 1a 00 00 59 8b c6 5e c2 04 00 b8 ac 8e 41 00 e8 f7 16 01 00 51 56 8b f1 89 75 f0 c7 06 44 b3 41 00 83 65 fc 00 e8 06 23 00 00 83 4d fc ff 8b ce e8 d2 22 00 00 8b 4d f4 5e 64 89 0d 00 00 00 00 c9 c3 56 8b f1 e8 14 00 00 00 f6 44 24 08 01 74 07 56 e8 f3 19 00
                                                  Data Ascii: C0Mt,uYMu^uW$_[UQSMW}C;~+EE~-VEC0MtxuwYMu^uW$_[VD$tVGY^AQVuDAe#M"M^dVD$tV
                                                  2024-07-22 10:50:38 UTC1369INData Raw: eb 0f 33 c0 83 ff 08 0f 9e c0 48 83 e0 0c 83 c0 04 8d 14 30 3b d3 7d 04 2b de 8b c3 03 f8 57 e8 6e ff ff ff 5f 5e 5b c2 04 00 53 56 8b 5c 24 0c 57 8b f9 8b 37 66 8b 16 8b 0b e8 66 15 00 00 85 c0 7c 0d 66 83 3e 00 74 07 46 46 66 8b 16 eb e8 2b 37 8b cf d1 fe 56 6a 00 e8 e4 fe ff ff 5f 5e 5b c2 04 00 53 8b d9 56 57 8b 3b 33 f6 66 8b 17 66 85 d2 74 39 8b 44 24 10 8b 08 e8 25 15 00 00 85 c0 7c 08 85 f6 75 06 8b f7 eb 02 33 f6 47 47 66 8b 17 66 85 d2 75 dd 85 f6 74 12 2b 33 8b 43 04 8b cb d1 fe 2b c6 50 56 e8 94 fe ff ff 5f 5e 5b c2 04 00 53 56 8b f1 57 8b 7c 24 10 8b 46 04 39 07 7e 02 89 07 8b 5c 24 14 8b ce 53 e8 46 fc ff ff 8b 07 8b 0e 8b d0 69 d2 ff ff ff 7f 03 56 04 8d 54 12 02 52 8d 14 41 03 c3 52 8d 04 41 50 e8 92 11 01 00 83 c4 0c 5f 5e 5b c2 08 00 b8
                                                  Data Ascii: 3H0;}+Wn_^[SV\$W7ff|f>tFFf+7Vj_^[SVW;3fft9D$%|u3GGffut+3C+PV_^[SVW|$F9~\$SFiVTRARAP_^[
                                                  2024-07-22 10:50:38 UTC1369INData Raw: 8d 4d e8 c6 45 fc 04 e8 01 1b 00 00 39 5d cc 75 0c 89 7d c4 c6 45 fc 05 e9 f3 00 00 00 8d 45 e8 8d 4d 9c 50 e8 cb f2 ff ff 38 5e 40 c6 45 fc 06 75 08 8d 4d c4 e8 f5 18 00 00 39 5d cc 74 10 38 5d 0b 75 0b 8d 45 c4 8b ce 50 e8 36 fd ff ff 8d 45 9c 8d 56 10 50 8d 4d b8 e8 b5 fb ff ff 38 5e 40 c6 45 fc 07 74 42 83 c6 28 8d 45 b8 50 8b ce e8 18 f3 ff ff 38 5d 0b 8b 0e 74 07 e8 0c 1f 00 00 eb 0b ff 75 0c 33 d2 53 e8 58 1e 00 00 ff 75 b8 e8 ab 0f 00 00 ff 75 9c e8 a3 0f 00 00 59 89 7d c4 59 c6 45 fc 08 eb 6c 8d 8d 7c ff ff ff e8 c7 f1 ff ff ff 75 b8 8d 8d 54 ff ff ff c6 45 fc 09 e8 38 2b 00 00 84 c0 0f 84 83 00 00 00 8b 4d b8 e8 31 21 00 00 84 c0 75 77 ff 35 80 02 42 00 8d 8e e4 00 00 00 e8 43 f2 ff ff ff b5 7c ff ff ff e8 4b 0f 00 00 ff 75 b8 e8 43 0f 00 00 ff
                                                  Data Ascii: ME9]u}EEMP8^@EuM9]t8]uEP6EVPM8^@EtB(EP8]tu3SXuuY}YEl|uTE8+M1!uw5BC|KuC
                                                  2024-07-22 10:50:38 UTC1369INData Raw: 5d 0c 0f 84 9d 00 00 00 8b 45 88 c7 80 d8 00 00 00 01 00 00 00 89 5d 0c 8d 85 6c ff ff ff ba ca 32 40 00 50 8d 4d 0c c6 45 fc 02 e8 45 00 01 00 8b f0 3b f3 74 0d 8d 4d 0c e8 f7 ff 00 00 e9 a1 00 00 00 6a 03 8d 4d e8 89 5d e8 89 5d ec 89 5d f0 e8 bc f1 ff ff 6a 45 8d 4d dc 5a c6 45 fc 03 e8 f1 2e 00 00 50 8d 4d e8 c6 45 fc 04 e8 c2 ed ff ff c6 45 fc 03 ff 75 dc e8 6a 0a 00 00 59 8d 45 0c 8b 4d 88 50 8d 45 e8 50 e8 7c 00 00 00 ff 75 e8 e8 51 0a 00 00 59 88 5d fc 8d 4d 0c e8 92 ff 00 00 eb 0b 8d 8d 6c ff ff ff e8 d1 00 00 00 8b 75 14 8d 45 d0 50 8b ce e8 76 ed ff ff 39 5e 04 75 10 8b 45 88 8b ce 05 e4 00 00 00 50 e8 61 ed ff ff 8b 45 88 8b 4d 10 8b 75 cc 8a 80 e0 00 00 00 88 01 83 4d fc ff 8d 8d 6c ff ff ff e8 05 04 00 00 8b 4d f4 8b c6 5f 5e 5b 64 89 0d 00
                                                  Data Ascii: ]E]l2@PMEE;tMjM]]]jEMZE.PMEEujYEMPEP|uQY]MluEPv9^uEPaEMuMlM_^[d
                                                  2024-07-22 10:50:38 UTC1369INData Raw: 01 00 51 56 8b f1 57 33 ff c7 06 d4 b3 41 00 c7 46 04 c8 b3 41 00 89 7e 08 89 75 f0 89 7e 0c 8d 4e 10 6a 03 89 7d fc 89 39 89 79 04 89 79 08 e8 85 ec ff ff 8d 4e 1c 6a 03 c6 45 fc 01 89 39 89 79 04 89 79 08 e8 6f ec ff ff 8d 4e 28 6a 03 c6 45 fc 02 89 39 89 79 04 89 79 08 e8 59 ec ff ff 89 7e 4c 8d 4e 50 6a 03 c6 45 fc 04 89 39 89 79 04 89 79 08 e8 40 ec ff ff 8d 4e 68 c6 45 fc 05 e8 36 00 00 00 8d 8e e4 00 00 00 6a 03 c6 45 fc 06 89 39 89 79 04 89 79 08 e8 1b ec ff ff 8b 4d f4 c7 06 a4 b3 41 00 c7 46 04 98 b3 41 00 8b c6 5f 5e 64 89 0d 00 00 00 00 c9 c3 b8 b5 91 41 00 e8 8b 01 01 00 51 51 53 56 8b f1 33 db 57 89 75 ec 89 5e 04 c7 06 24 b4 41 00 8d 4e 0c 89 5e 08 6a 03 89 5d fc 89 19 89 59 04 89 59 08 e8 c7 eb ff ff 8d 7e 3c 89 5e 30 89 1f 8d 4e 40 c6 45
                                                  Data Ascii: QVW3AFA~u~Nj}9yyNjE9yyoN(jE9yyY~LNPjE9yy@NhE6jE9yyMAFA_^dAQQSV3Wu^$AN^j]YY~<^0N@E
                                                  2024-07-22 10:50:38 UTC1369INData Raw: 7f ec 8b 45 fc 5f 5e 5b 66 83 20 00 c9 c2 08 00 55 8b ec ff 75 08 e8 ed 01 01 00 85 c0 59 75 14 8a 45 0b 68 68 c6 41 00 88 45 0b 8d 45 0b 50 e8 ac 00 01 00 5d c3 ff 74 24 04 e8 03 03 01 00 59 c3 56 66 8b 31 8b c1 66 3b f2 74 0c 66 85 f6 74 0d 40 40 66 8b 30 eb ef 2b c1 5e d1 f8 c3 83 c8 ff 5e c3 55 8b ec 51 51 53 33 db 66 3b cb 56 66 89 4d fe 75 05 66 33 c0 eb 66 0f b7 c1 50 ff 15 d4 b1 41 00 8b f0 3b f3 75 53 ff 15 b0 b0 41 00 83 f8 78 75 48 53 53 8d 45 f8 6a 04 50 8d 45 fe 6a 01 50 53 53 ff 15 ac b0 41 00 8b f0 3b f3 74 26 83 fe 04 7f 21 8d 45 f8 88 5c 35 f8 50 ff 15 d8 b1 41 00 8d 45 fe 6a 01 50 8d 45 f8 56 50 53 53 ff 15 a8 b0 41 00 66 8b 45 fe eb 03 66 8b c6 5e 5b c9 c3 56 66 8b 01 66 8b 32 41 41 42 42 66 3b c6 72 09 77 0c 66 85 c0 74 0c eb e8 83 c8
                                                  Data Ascii: E_^[f UuYuEhhAEEP]t$YVf1f;tft@@f0+^^UQQS3f;VfMuf3fPA;uSAxuHSSEjPEjPSSA;t&!E\5PAEjPEVPSSAfEf^[Vff2AABBf;rwft


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  7192.168.2.849729104.19.159.2244434648C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-07-22 10:50:57 UTC123OUTGET /notifications/download/rt/dci/latest/Webprotection.zip HTTP/1.1
                                                  Host: rt.webcompanion.com
                                                  Connection: Keep-Alive
                                                  2024-07-22 10:50:57 UTC379INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:50:57 GMT
                                                  Content-Type: application/zip
                                                  Content-Length: 18692270
                                                  Connection: close
                                                  ETag: "2624103857"
                                                  Last-Modified: Tue, 11 Jun 2024 17:24:23 GMT
                                                  CF-Cache-Status: HIT
                                                  Age: 58
                                                  Expires: Mon, 22 Jul 2024 14:50:57 GMT
                                                  Cache-Control: public, max-age=14400
                                                  Accept-Ranges: bytes
                                                  Server: cloudflare
                                                  CF-RAY: 8a72df6ebfbc5589-EWR
                                                  2024-07-22 10:50:57 UTC990INData Raw: 50 4b 03 04 14 00 00 00 00 00 08 36 47 58 00 00 00 00 00 00 00 00 00 00 00 00 06 00 00 00 57 69 6e 33 32 2f 50 4b 03 04 14 00 00 00 08 00 40 61 ca 46 4b b4 d3 61 33 19 00 00 60 2f 00 00 28 00 00 00 57 69 6e 33 32 2f 61 70 69 2d 6d 73 2d 77 69 6e 2d 63 6f 72 65 2d 63 6f 6e 73 6f 6c 65 2d 6c 31 2d 31 2d 30 2e 64 6c 6c ed 1a 07 54 53 49 f0 a7 50 12 40 04 a4 0a 18 10 a4 26 fc 84 22 58 90 2e ca 51 43 51 8a 10 42 80 08 24 98 84 22 a2 90 e8 81 e2 89 78 28 8a 15 94 13 ac 88 9e 15 3c 8a 58 50 11 6c a8 48 11 b0 21 58 68 d6 53 6e 7f e8 a8 77 f7 de dd bd 2b ef 36 6f fe fe 99 9d 9d 3f 3b 3b 3b 3b bb 2f ce be 19 10 06 82 20 2c 80 fe 7e 08 3a 05 6a a4 58 0d d6 bf 56 6a 01 4c 98 72 66 02 f4 23 ae 5a e3 14 ea 9b 6a 0d cf 70 26 97 10 cd 61 87 71 68 51 04 3a 8d c5 62 f3 08
                                                  Data Ascii: PK6GXWin32/PK@aFKa3`/(Win32/api-ms-win-core-console-l1-1-0.dllTSIP@&"X.QCQB$"x(<XPlH!XhSnw+6o?;;;;/ ,~:jXVjLrf#Zjp&aqhQ:b
                                                  2024-07-22 10:50:57 UTC1369INData Raw: 6c 67 20 89 0e e4 b2 21 2e 80 50 f0 0d 82 90 9b 03 b8 91 27 0d 50 98 e0 8d 05 78 1d 81 d5 50 c3 df b6 03 c0 15 f6 65 02 de 11 2e 08 b2 06 38 13 e8 cb 10 4a 43 f4 8e 81 82 c1 9b 1d d0 e6 1b d0 be 08 9a 32 4a 8e 37 00 0e 90 34 d2 9f 0c 34 27 09 01 79 23 43 c6 d0 74 21 4e 80 74 81 ac 70 40 41 5a 4c 01 c5 0c 00 05 22 02 a0 00 2e 73 48 4f d8 df 0c ec 17 28 a1 6d 78 42 d9 2c 30 8a c8 51 a3 a6 09 f5 e3 0a f5 e3 0e 6a 87 94 64 20 17 05 34 64 00 0b 23 3d 10 3b 44 03 7b 21 23 0c 03 df 45 f2 ce 7d 40 8b df 6f 33 12 68 b1 06 92 22 41 3d 22 85 2b c4 10 eb 21 da c5 82 67 08 e0 84 20 4b a1 de ae 83 9c c8 4c 23 5a 0c d9 09 c1 7e 5d ff c5 90 36 e8 ef 26 d4 2c 04 50 e9 a0 ed d7 e7 fa 30 d0 c4 47 f8 a5 10 40 89 03 74 84 e2 0a e4 23 9a 0d 8c 03 f1 37 64 16 97 0a bf c5 00 d2
                                                  Data Ascii: lg !.P'PxPe.8JC2J744'y#Ct!Ntp@AZL".sHO(mxB,0Qjd 4d#=;D{!#E}@o3h"A="+!g KL#Z~]6&,P0G@t#7d
                                                  2024-07-22 10:50:57 UTC1369INData Raw: 12 4f bc de ec e7 74 c9 e0 66 66 1e 25 ef 25 ea ee fa 2a 86 61 d9 ad 17 4d 0e cd ee 3b de 3a ae a4 96 96 3a 97 ac 5c f0 f2 52 03 45 fe 3c 35 bd b8 d6 12 84 c1 3b 20 0c 96 0e 84 41 3c 4d 2c d6 5b 18 fd c4 3f 8b 7e ab ff 92 b8 42 81 e1 81 b8 a2 37 d2 ee c1 06 57 7a b6 60 7e 99 a1 4c 3a 8d c7 20 58 c7 f0 c2 d9 e0 5c b0 14 89 80 b0 30 02 82 40 48 b6 20 9b 9b 90 4d 28 20 02 52 cc 06 50 53 04 fd a7 04 ea df 0a 8b 8d 92 c5 bb 1f 92 70 6d 4f ce bf c9 62 96 40 1a 67 99 c6 c6 2f 0f 61 af 78 26 bf 10 5d 59 7c 9e b0 ea de 9b 1b 6b 7b cc 8f 1c c8 3b 44 4c 0c 5e 2a d2 df 36 7f 0e d6 94 10 dd 56 f9 24 e2 c1 f6 32 b3 98 f6 34 72 e3 ba e8 47 0d d3 8f f3 1c b2 74 fd 52 83 a6 1a 96 36 cc fd 21 ec 8d bb ce 4e 4e 87 d8 de aa d3 ea 33 a9 a6 89 8f 6e 76 ea 9c 4e 55 fd 74 ba 6a
                                                  Data Ascii: Otff%%*aM;::\RE<5; A<M,[?~B7Wz`~L: X\0@H M( RPSpmOb@g/ax&]Y|k{;DL^*6V$24rGtR6!NN3nvNUtj
                                                  2024-07-22 10:50:57 UTC1369INData Raw: 33 e9 1c 36 71 5d ef 94 d3 9a 9a 58 45 d1 19 87 a6 6e d5 39 d0 16 7a a9 d3 57 65 ff 65 41 69 88 57 e2 e6 c7 5d ad f4 da 29 8c 9e c9 25 2d e7 ef 43 f8 42 d6 ae 6c db 07 a8 3c b8 b1 e1 c4 ea f5 5e d6 95 7e 8f 1f 46 1f 49 23 c2 75 0d ed fa bd e6 75 ef 9a 95 38 1a 85 5c d9 f9 fa 9a 0f 6f d7 67 b7 59 4f f6 78 92 2b 90 73 86 05 72 f3 86 8d 8e c1 a0 c8 02 39 0b 40 33 1d 73 36 94 9b 06 48 9a 68 14 e6 f3 b3 a1 00 35 5b 54 62 68 92 27 82 e3 a1 00 65 08 6c ab 0b 1a b4 80 b3 0f 8a 5e b5 10 8f 41 7d e1 70 b8 a9 3a b4 ab f8 c7 f9 77 cb e7 04 1d 6c 3a d5 2d b5 f5 f8 79 dd 40 a9 ba bd ca 6b 36 28 c8 bf 17 89 45 8b 7a 85 0b 3a 6e 94 2a c9 01 7f 35 85 cd 60 63 32 6c 0a 7e 24 18 36 f7 85 c5 c0 07 92 d1 a8 de 1c fe e9 3c fe 09 98 7f ec 2f 59 54 e3 92 7a 1d 58 7b 00 55 67 d9
                                                  Data Ascii: 36q]XEn9zWeeAiW])%-CBl<^~FI#uu8\ogYOx+sr9@3s6Hh5[Tbh'el^A}p:wl:-y@k6(Ez:n*5`c2l~$6</YTzX{Ug
                                                  2024-07-22 10:50:57 UTC1369INData Raw: 1d db c7 6e a9 2e ad 2d ef 28 a5 7a 61 93 58 8b 2d 9a a5 a7 76 7f 6b 63 6f ea 19 3d f1 3b ff 7b 62 3b a0 7a 91 e7 5b 4d 9b 9f 6d aa ec 12 15 47 dd 30 3e b8 fc 22 b8 92 f3 0a e7 3f 4b d5 88 ae b7 e8 55 25 f5 df 5a 76 b7 6e fd d1 4b da 26 56 b6 b4 fb eb 29 f4 7b 72 2a be 69 8b a4 67 1c 62 27 dc e9 89 5c 5b f3 b1 e9 dd db cb 09 ba 9c 69 61 cf 92 ef cc 56 c1 b9 be 99 5d 57 ba b3 b2 a3 d5 6d d2 4b 85 44 0d f1 58 e3 09 f6 da 39 46 72 7d 95 d2 4c 51 fd 2d 8a bd 0f 2f 52 a3 51 71 a9 ee 1a a9 86 8d 11 fb 2a 23 37 9a 41 51 ea 87 dc 0b f7 26 f8 71 d2 65 ee a7 68 85 49 a0 14 93 82 35 cf 5b 5f b0 b2 51 68 f6 38 53 65 19 71 45 74 c6 3a 7c dc 6a bc fb b1 56 e3 16 53 c7 6e e3 43 b9 57 12 b7 e4 c7 e5 a7 3b f7 39 4e e1 bc 5e 23 11 3d 73 68 a3 9a 0c 2c a2 38 6a 5b 7a fa f4
                                                  Data Ascii: n.-(zaX-vkco=;{b;z[MmG0>"?KU%ZvnK&V){r*igb'\[iaV]WmKDX9Fr}LQ-/RQq*#7AQ&qehI5[_Qh8SeqEt:|jVSnCW;9N^#=sh,8j[z
                                                  2024-07-22 10:50:57 UTC1369INData Raw: 78 7f f2 8e f5 df 3d bd 80 fd 74 78 87 d7 a5 d4 d0 c6 00 b1 20 ce 8d eb 05 2b 71 6f 35 cb 60 f2 49 ec dd bd cf ae f5 0b 96 15 d6 07 16 4c 34 f5 3f 4c 49 6e f5 29 13 c9 7e d8 1e 55 48 4c 24 67 e2 c3 31 36 0d be cf ea b5 25 49 dc 47 29 70 03 96 c4 cf df 41 4f 5b 05 cc f5 0b 50 4b 03 04 14 00 00 00 08 00 40 61 ca 46 a4 b7 1d 40 7c 18 00 00 60 2d 00 00 29 00 00 00 57 69 6e 33 32 2f 61 70 69 2d 6d 73 2d 77 69 6e 2d 63 6f 72 65 2d 64 61 74 65 74 69 6d 65 2d 6c 31 2d 31 2d 30 2e 64 6c 6c ed 1a 09 38 94 5b f4 9f c5 d8 a9 64 2b cb 28 12 1a fe 19 7b 91 ec ca 92 35 84 18 63 64 6c a3 99 11 49 31 53 11 af 85 57 29 a4 88 42 0b d1 62 2d a5 48 59 d2 2e af 10 49 49 8b 1e 79 5a 78 f7 1f 94 bc d7 7b ef fb de 7b df 5b af ef cc fd cf b9 e7 9e 7b ee bd e7 9e 73 ee fd d8 ae 4c
                                                  Data Ascii: x=tx +qo5`IL4?LIn)~UHL$g16%IG)pAO[PK@aF@|`-)Win32/api-ms-win-core-datetime-l1-1-0.dll8[d+({5cdlI1SW)Bb-HY.IIyZx{{[{sL
                                                  2024-07-22 10:50:57 UTC1369INData Raw: 21 f4 50 3f a2 1c 2c 83 50 04 c4 c4 6d 69 14 06 9d 49 f7 67 e1 4d e9 8c 30 3a 83 cc a2 81 1e ea f0 02 a4 1d 23 a6 f4 b9 dd 95 16 ea 47 8f 60 e2 ed 19 74 bf 70 0a c2 86 b7 37 35 c6 93 60 22 11 96 93 14 26 6a c1 ba 30 91 04 6b 02 c2 4a 80 6a 13 e1 4f 28 1c f6 a7 68 39 0b 96 1a d3 72 fa 4f b4 84 39 a8 39 93 d7 0a 6c 01 86 83 12 05 db 8d 12 40 73 50 28 68 b7 d1 6c 35 3e 93 be d3 a4 be 1d 3d 6b 53 aa 03 b5 da 1d ce 68 3c d8 61 9c fb 66 a3 7d fd 92 13 55 05 fb 76 25 69 54 f2 ab 6e 48 3f d7 b1 e2 07 e9 f6 f0 7b 25 ca 7b bc ef e8 6c ca e9 95 cb 28 51 22 63 3d 37 af 58 bb 78 c6 59 03 cb e9 cc e4 69 1b f3 1d 66 d8 b7 1f 1b ec 50 dc 7f 79 6e ed fd fe 55 f8 9c 6a 95 d1 84 94 25 85 29 fa 1e f2 d7 50 e1 39 e8 bb d6 b1 fe 74 d5 37 f5 39 dd 45 3b 16 df db ea c4 db 66 65
                                                  Data Ascii: !P?,PmiIgM0:#G`tp75`"&j0kJjO(h9rO99l@sP(hl5>=kSh<af}Uv%iTnH?{%{l(Q"c=7XxYifPynUj%)P9t79E;fe
                                                  2024-07-22 10:50:57 UTC1369INData Raw: e0 b4 7e ea 8c b8 ae 0e bc 47 22 fb cf 75 48 c0 7c 81 f1 02 9b 45 9c 11 4c 00 ce 96 a4 c9 f5 77 2b 27 f9 3b 24 a3 59 36 c9 df 2d fe 25 7f f7 d9 d9 7d 45 36 eb 27 ae 0d 2c e0 cc 0f d1 6b 1c 0e af ab 0e 2d 7e a5 bf b8 d2 c0 51 34 54 cd 68 9a 18 73 24 2f a0 d9 ea 88 96 6d 62 0a cf bc 97 44 8b 24 f2 ba bb a3 7a ea e6 41 03 17 ba e7 97 b6 ca ee 4c fc 8e ff de ac 2b 36 02 3a fe 81 db fa 66 df c3 26 e5 49 49 e6 a4 97 75 2e 21 e9 ac bd 7c 71 65 6d d5 63 ec 85 5e 89 5b c7 2f 05 bc f2 3d fe d0 39 d8 1e 76 3b f2 3c 7a 64 77 ae dd 8e 81 be e8 38 a6 6b b5 a3 02 53 6b e5 f7 d9 89 2b ea b0 ad bc fc 2f 7e f8 a6 ab 69 60 e3 8e 82 d7 6f 05 13 f9 de 1b 5d 95 65 c4 38 95 3e 3f 4f e9 e8 32 24 52 4f b2 bb df 1c 6f 94 c8 39 68 98 57 94 5e 6d d2 9c b4 d9 db 59 76 34 a1 b7 5c d6
                                                  Data Ascii: ~G"uH|ELw+';$Y6-%}E6',k-~Q4Ths$/mbD$zAL+6:f&IIu.!|qemc^[/=9v;<zdw8kSk+/~i`o]e8>?O2$ROo9hW^mYv4\
                                                  2024-07-22 10:50:57 UTC1369INData Raw: c5 cb 47 bc 6e 90 c5 42 e7 d7 ce 1a 8e 8b ad 68 27 7f b0 b8 a8 2c ab b8 7a 06 63 96 42 62 a1 b5 5f 82 bd 6f 91 d7 c7 08 79 c3 d7 ae e1 c7 cf 25 9a d8 2e 71 b8 21 ba 1f b7 78 75 cc a0 ff 05 4c 8a d9 c6 57 cd d6 1f 43 bb d3 ae 15 e5 bd 89 52 15 20 be 6e b5 c3 25 9f dd ca a7 fd 34 52 e6 e4 b3 d4 46 83 1e 0d b3 f2 dc 81 07 7e e7 72 50 17 f1 fc bb 22 1b 3f 54 5e b8 6a e6 b5 4a 62 3f 8a 67 f9 1c db 89 74 ef 09 58 91 ce 5f 4c f7 ee 50 16 7a 26 12 93 be 37 5d 1f 6d 31 bb 46 33 60 e5 96 10 97 ff d3 bd 2f d2 3d 76 26 a2 34 1e 99 26 7b 0f cc fe 16 66 ef fc b4 3e ea 18 98 cd 86 0d 27 46 43 a3 24 88 5f 1d cd de 7a a9 86 1f 9d c2 d4 30 b5 77 d2 f0 a3 fa 93 c3 83 59 ea 01 ac 10 78 c9 a7 ee 68 58 4b 8e 84 97 9d f4 36 eb 0d de 1e e9 a0 46 22 e4 3a 80 21 af cc c8 0b 21 f2
                                                  Data Ascii: GnBh',zcBb_oy%.q!xuLWCR n%4RF~rP"?T^jJb?gtX_LPz&7]m1F3`/=v&4&{f>'FC$_z0wYxhXK6F":!!
                                                  2024-07-22 10:50:57 UTC1369INData Raw: c8 8d c8 11 97 28 fd 6e 15 5f da 95 93 67 25 69 2d 23 28 c1 97 eb 42 24 17 f5 8b 88 57 67 2e 3d 83 35 6d 74 6d 98 93 74 33 a2 72 9f 5d 44 e9 ed d6 3b b2 31 2f 1d 09 7d 3e aa 6a 96 df 16 5d 7a 2e 15 37 7c c7 a2 e6 a8 10 b3 39 b4 cb 29 8b 83 59 07 73 d0 64 ee 7d bb 2b eb 1f 7c 41 38 a4 24 00 e6 c0 8f e3 51 13 c1 a0 67 81 ed 15 87 b2 37 53 fc 53 bd 86 28 ca 15 26 79 97 0e c7 fa 24 bd 3b 5e 97 c9 ae 86 d9 55 39 ec 4a 98 5d f6 d7 cc d2 ce d9 89 3b 4b 6d 5d 0b 1d 82 29 d1 1c 26 68 6b 6b 99 12 d5 60 95 b1 59 ce f9 72 96 78 27 7a 38 83 42 c5 db 92 99 2c d0 db 34 98 4e 09 9a 6c c9 3c 3c 10 9a 07 ba 2f 55 97 01 cf 91 12 9d b8 fe c1 30 49 8f a8 b9 f2 13 41 6b 9c 00 47 80 24 eb d3 5d 13 8b 22 6a 80 33 24 30 2e 00 c9 68 05 c0 0f 1a ad e0 84 06 59 28 48 c3 c0 b7 74 e6
                                                  Data Ascii: (n_g%i-#(B$Wg.=5mtmt3r]D;1/}>j]z.7|9)Ysd}+|A8$Qg7SS(&y$;^U9J];Km])&hkk`Yrx'z8B,4Nl<</U0IAkG$]"j3$0.hY(Ht


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  8192.168.2.849735104.16.149.1304434648C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-07-22 10:51:39 UTC86OUTGET /api/v2/url/blacklist HTTP/1.1
                                                  Host: acs.lavasoft.com
                                                  Connection: Keep-Alive
                                                  2024-07-22 10:51:39 UTC324INHTTP/1.1 301 Moved Permanently
                                                  Date: Mon, 22 Jul 2024 10:51:39 GMT
                                                  Content-Length: 0
                                                  Connection: close
                                                  Cache-Control: public
                                                  Cache-Control: max-age=86400
                                                  Location: https://acscdn.lavasoft.com/urlblacklist.json
                                                  api-supported-versions: 2.0
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e07279da428b-EWR


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  9192.168.2.849736104.16.149.1304434648C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-07-22 10:51:39 UTC86OUTGET /urlblacklist.json HTTP/1.1
                                                  Host: acscdn.lavasoft.com
                                                  Connection: Keep-Alive
                                                  2024-07-22 10:51:40 UTC385INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:51:40 GMT
                                                  Content-Type: application/json
                                                  Content-Length: 201625
                                                  Connection: close
                                                  Last-Modified: Wed, 15 Nov 2023 13:57:17 GMT
                                                  ETag: "6554ce3d-31399"
                                                  CF-Cache-Status: HIT
                                                  Age: 63217
                                                  Expires: Tue, 23 Jul 2024 06:51:40 GMT
                                                  Cache-Control: public, max-age=72000
                                                  Accept-Ranges: bytes
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e0772cca4333-EWR
                                                  2024-07-22 10:51:40 UTC984INData Raw: 5b 22 6c 61 69 7a 68 65 6e 67 73 6c 74 2e 63 6e 22 2c 22 6d 79 74 6f 6f 6c 7a 2e 6e 65 74 22 2c 22 70 72 6f 74 65 63 74 32 34 37 2e 6f 6e 6c 69 6e 65 22 2c 22 78 78 6c 61 73 74 2e 63 6f 6d 22 2c 22 77 6f 72 6c 64 73 61 6e 61 6c 79 74 69 63 73 2e 63 6f 6d 22 2c 22 73 6b 69 6c 6c 74 72 61 6e 73 66 6f 72 6d 2e 63 6f 2e 69 6e 22 2c 22 6c 65 6c 61 65 72 2e 63 6f 6d 22 2c 22 6a 70 6f 70 73 69 6e 67 6c 65 73 2e 65 75 22 2c 22 72 69 73 71 75 65 67 61 6c 6b 78 2e 63 6f 6d 22 2c 22 73 76 65 74 76 79 68 6f 64 2e 73 6b 22 2c 22 6d 6f 76 69 65 63 72 75 6d 62 73 2e 6e 65 74 22 2c 22 70 68 72 61 62 75 2e 67 6f 2e 74 68 22 2c 22 6f 6e 6c 79 69 6e 64 69 61 6e 78 2e 63 63 22 2c 22 69 6b 69 73 73 2e 6f 6e 6c 69 6e 65 22 2c 22 75 72 65 77 73 61 77 61 6e 69 2e 61 75 74 6f 73
                                                  Data Ascii: ["laizhengslt.cn","mytoolz.net","protect247.online","xxlast.com","worldsanalytics.com","skilltransform.co.in","lelaer.com","jpopsingles.eu","risquegalkx.com","svetvyhod.sk","moviecrumbs.net","phrabu.go.th","onlyindianx.cc","ikiss.online","urewsawani.autos
                                                  2024-07-22 10:51:40 UTC1369INData Raw: 6b 61 74 6d 6f 76 69 65 68 64 2e 6d 6f 76 22 2c 22 62 6c 75 65 67 61 73 6c 61 6d 70 2e 6f 72 67 22 2c 22 64 72 61 67 67 65 64 6c 69 6e 65 2e 6f 72 67 22 2c 22 67 68 35 79 73 33 67 72 79 35 64 35 33 32 2e 78 79 7a 22 2c 22 6b 61 61 6d 75 75 2e 6f 72 67 22 2c 22 73 61 6f 6d 61 32 32 30 2e 78 79 7a 22 2c 22 6c 69 76 65 74 76 33 36 35 2e 6d 65 22 2c 22 70 69 73 69 2e 70 69 63 73 22 2c 22 76 61 6c 75 65 2d 6c 69 66 65 2e 78 79 7a 22 2c 22 72 69 64 6f 6d 6f 76 69 65 73 2e 74 76 22 2c 22 70 68 69 6c 77 69 6e 2e 70 68 22 2c 22 61 64 6d 69 72 61 6c 73 68 69 70 70 69 6e 67 2e 63 6f 6d 22 2c 22 66 72 65 65 74 6f 6f 6c 6f 6e 6c 69 6e 65 2e 63 6f 6d 22 2c 22 76 69 74 61 6c 61 6d 73 65 65 2e 63 6f 6d 22 2c 22 6f 72 69 67 6c 6e 61 6c 64 61 74 65 2e 63 6f 6d 22 2c 22 72
                                                  Data Ascii: katmoviehd.mov","bluegaslamp.org","draggedline.org","gh5ys3gry5d532.xyz","kaamuu.org","saoma220.xyz","livetv365.me","pisi.pics","value-life.xyz","ridomovies.tv","philwin.ph","admiralshipping.com","freetoolonline.com","vitalamsee.com","origlnaldate.com","r
                                                  2024-07-22 10:51:40 UTC1369INData Raw: 79 2e 63 6f 6d 22 2c 22 61 69 73 68 6f 72 74 2e 74 6f 70 22 2c 22 70 72 6f 6d 6c 61 7a 65 72 2e 72 75 22 2c 22 6c 65 66 74 62 69 6c 6c 2e 74 6f 70 22 2c 22 75 70 73 63 61 72 72 69 61 67 65 70 61 79 6d 65 6e 74 2e 63 6f 6d 22 2c 22 69 6e 76 65 73 74 6c 69 65 2e 63 6f 6d 22 2c 22 74 35 2d 77 69 6b 69 2e 64 65 22 2c 22 66 72 65 65 73 6f 66 74 72 75 73 2e 72 75 22 2c 22 70 61 70 73 74 72 65 61 6d 2e 63 6c 75 62 22 2c 22 77 6f 72 6c 64 6e 65 77 73 2d 32 34 2e 63 6f 6d 22 2c 22 65 6e 73 74 72 65 61 6d 2e 74 6f 70 22 2c 22 73 6f 72 63 65 72 65 72 6f 66 74 65 61 2e 63 6f 6d 22 2c 22 6d 79 63 6c 69 63 6b 2d 32 2e 63 6f 6d 22 2c 22 6c 65 6c 69 65 7a 6f 72 67 67 72 6f 65 70 2e 6e 6c 22 2c 22 6d 75 61 74 68 65 6e 67 61 79 2e 63 6f 6d 22 2c 22 78 6e 2d 2d 38 30 61 63
                                                  Data Ascii: y.com","aishort.top","promlazer.ru","leftbill.top","upscarriagepayment.com","investlie.com","t5-wiki.de","freesoftrus.ru","papstream.club","worldnews-24.com","enstream.top","sorcereroftea.com","myclick-2.com","leliezorggroep.nl","muathengay.com","xn--80ac
                                                  2024-07-22 10:51:40 UTC1369INData Raw: 64 65 2e 6c 69 66 65 22 2c 22 67 30 66 2e 63 6e 22 2c 22 65 73 75 6e 32 31 2e 63 6e 22 2c 22 62 61 6f 66 65 6e 67 6a 69 68 75 6f 2e 63 6f 6d 22 2c 22 6b 65 79 67 65 6e 73 2e 70 72 6f 22 2c 22 63 68 61 72 6d 61 6e 74 65 73 76 6f 69 73 69 6e 65 73 6d 75 72 65 73 2e 63 6f 6d 22 2c 22 76 69 61 74 72 69 73 2d 65 2d 63 68 61 6e 6e 65 6c 2e 63 6f 6d 22 2c 22 73 68 6f 72 74 6c 79 61 6d 75 73 65 6d 65 6e 74 2e 63 6f 6d 22 2c 22 32 31 39 32 39 2e 72 75 22 2c 22 67 65 74 6d 61 63 6b 65 65 70 65 72 73 6f 66 74 70 72 6f 2e 78 79 7a 22 2c 22 74 68 65 73 79 6e 74 68 65 73 69 73 2e 61 70 70 22 2c 22 63 75 74 69 6c 6e 6b 73 2e 63 6f 6d 22 2c 22 61 75 74 6f 62 69 6b 65 72 73 2e 78 79 7a 22 2c 22 70 69 72 61 74 65 2d 70 72 6f 78 79 2e 74 6f 70 22 2c 22 34 35 2e 31 34 38 2e
                                                  Data Ascii: de.life","g0f.cn","esun21.cn","baofengjihuo.com","keygens.pro","charmantesvoisinesmures.com","viatris-e-channel.com","shortlyamusement.com","21929.ru","getmackeepersoftpro.xyz","thesynthesis.app","cutilnks.com","autobikers.xyz","pirate-proxy.top","45.148.
                                                  2024-07-22 10:51:40 UTC1369INData Raw: 79 77 70 6a 6b 2e 63 6f 6d 22 2c 22 73 79 6c 76 69 6e 61 6e 6f 72 72 65 79 2e 63 6f 6d 22 2c 22 6c 6f 6e 38 38 2e 74 6f 70 22 2c 22 76 6c 61 65 6b 61 6e 2e 6b 7a 22 2c 22 73 75 70 74 72 61 66 2e 63 6f 6d 22 2c 22 67 65 74 66 6c 69 6b 2e 63 6f 6d 22 2c 22 63 6f 6f 6c 74 72 6b 2e 78 79 7a 22 2c 22 66 6c 69 72 74 74 6f 6d 65 2e 63 6f 6d 22 2c 22 6d 61 73 61 63 2e 73 62 73 22 2c 22 6e 61 69 6c 6d 61 67 61 7a 69 6e 65 2e 6f 6e 6c 69 6e 65 22 2c 22 72 6f 76 32 2e 6e 65 74 22 2c 22 63 61 73 74 6c 65 63 61 70 69 74 61 6c 2e 76 63 22 2c 22 6d 6f 62 69 6c 65 74 6f 72 72 65 6e 74 2e 69 6e 66 6f 22 2c 22 63 77 62 74 69 2e 63 6f 6d 2e 62 72 22 2c 22 70 6f 73 61 64 61 6c 61 72 6f 62 6c 65 64 61 2e 63 6f 6d 22 2c 22 61 6c 6c 75 72 69 6e 67 67 61 6c 67 2e 63 6f 6d 22 2c
                                                  Data Ascii: ywpjk.com","sylvinanorrey.com","lon88.top","vlaekan.kz","suptraf.com","getflik.com","cooltrk.xyz","flirttome.com","masac.sbs","nailmagazine.online","rov2.net","castlecapital.vc","mobiletorrent.info","cwbti.com.br","posadalarobleda.com","alluringgalg.com",
                                                  2024-07-22 10:51:40 UTC1369INData Raw: 2c 22 74 6f 72 69 6f 6c 75 6f 72 2e 63 6f 6d 22 2c 22 63 72 61 63 6b 73 75 72 6c 2e 63 6f 6d 22 2c 22 70 72 79 76 69 74 61 6e 6e 79 61 2e 74 6f 70 22 2c 22 63 68 61 6e 67 62 65 65 72 2e 73 69 74 65 22 2c 22 61 64 6f 6e 73 6f 6e 6c 79 64 2e 78 79 7a 22 2c 22 74 68 65 6d 65 6e 63 6f 64 65 2e 63 6f 6d 22 2c 22 70 65 72 61 74 75 72 61 6e 70 65 64 69 61 2e 69 64 22 2c 22 74 65 6c 75 74 6f 70 69 65 7a 2e 63 6c 75 62 22 2c 22 76 73 67 7a 64 64 6a 2e 63 6f 6d 22 2c 22 61 64 61 70 61 2d 67 72 6f 75 70 2e 63 6f 6d 22 2c 22 73 68 65 65 74 2d 6d 75 73 69 63 2e 78 79 7a 22 2c 22 72 6f 63 6b 68 61 74 74 65 72 2e 63 6f 6d 22 2c 22 63 6f 6e 73 63 69 6f 75 73 6e 65 73 73 71 75 61 69 6e 74 2e 63 6f 6d 22 2c 22 76 61 6c 6c 65 73 76 69 73 69 6f 2e 63 61 74 22 2c 22 63 73 69
                                                  Data Ascii: ,"torioluor.com","cracksurl.com","pryvitannya.top","changbeer.site","adonsonlyd.xyz","themencode.com","peraturanpedia.id","telutopiez.club","vsgzddj.com","adapa-group.com","sheet-music.xyz","rockhatter.com","consciousnessquaint.com","vallesvisio.cat","csi
                                                  2024-07-22 10:51:40 UTC1369INData Raw: 2e 63 6f 6d 2e 75 61 22 2c 22 63 61 6d 61 64 6d 69 6e 2e 72 75 22 2c 22 6a 75 62 74 31 32 2e 78 79 7a 22 2c 22 72 6b 6e 2e 67 6f 76 2e 72 75 22 2c 22 31 32 33 6d 6f 76 69 65 2e 6c 74 64 22 2c 22 64 73 32 2e 63 6c 75 62 22 2c 22 79 6f 6d 73 74 2e 6f 72 67 22 2c 22 73 75 69 62 65 2e 65 64 75 2e 63 6e 22 2c 22 38 78 62 65 74 33 30 30 2e 63 6f 6d 22 2c 22 61 70 70 6c 65 69 64 78 79 2e 74 6f 70 22 2c 22 62 69 6f 6c 61 62 73 68 6f 70 32 34 2e 63 6f 6d 22 2c 22 6d 79 66 69 6c 65 73 74 6f 72 65 2e 63 6f 6d 22 2c 22 6f 72 6b 6c 69 6e 6b 2e 63 6f 6d 22 2c 22 65 78 70 6c 6f 72 72 2e 6e 65 74 22 2c 22 67 6f 74 72 61 63 6b 72 65 64 69 72 65 63 74 2e 63 6f 6d 22 2c 22 6a 61 76 69 65 72 64 65 6c 61 73 65 6e 2e 63 6f 6d 22 2c 22 62 72 69 61 6e 73 73 63 6c 75 62 2e 63 63
                                                  Data Ascii: .com.ua","camadmin.ru","jubt12.xyz","rkn.gov.ru","123movie.ltd","ds2.club","yomst.org","suibe.edu.cn","8xbet300.com","appleidxy.top","biolabshop24.com","myfilestore.com","orklink.com","explorr.net","gotrackredirect.com","javierdelasen.com","brianssclub.cc
                                                  2024-07-22 10:51:40 UTC1369INData Raw: 2c 22 64 69 73 63 6c 6f 73 65 70 72 6f 67 72 61 6d 77 65 64 6e 65 73 64 61 79 2e 63 6f 6d 22 2c 22 6b 69 6e 6f 6e 65 77 73 2e 70 72 6f 22 2c 22 6f 68 6e 79 64 65 6c 69 67 68 74 66 75 6c 64 61 74 65 73 2e 6c 69 66 65 22 2c 22 62 6f 6b 65 70 69 64 2e 62 6f 6e 64 22 2c 22 62 6f 72 69 73 2e 64 65 22 2c 22 6d 75 6e 64 6f 63 69 6e 65 6d 61 74 6f 67 72 61 66 69 63 6f 2e 6e 65 74 22 2c 22 62 65 74 61 63 65 6e 74 61 75 72 69 2e 74 6f 70 22 2c 22 6f 6d 67 6e 6f 74 65 2e 6e 65 74 6c 69 66 79 2e 61 70 70 22 2c 22 67 72 6f 77 6e 75 70 67 61 6c 6f 72 65 2e 6c 69 66 65 22 2c 22 69 6d 70 6f 73 73 69 62 6c 65 6f 66 66 65 72 73 2e 63 6f 6d 22 2c 22 76 6b 73 74 72 65 61 6d 2e 74 6f 70 22 2c 22 68 6f 74 70 72 6f 6d 6f 74 69 6f 6e 73 2e 6f 6e 6c 69 6e 65 22 2c 22 69 6f 2e 6b
                                                  Data Ascii: ,"discloseprogramwednesday.com","kinonews.pro","ohnydelightfuldates.life","bokepid.bond","boris.de","mundocinematografico.net","betacentauri.top","omgnote.netlify.app","grownupgalore.life","impossibleoffers.com","vkstream.top","hotpromotions.online","io.k
                                                  2024-07-22 10:51:40 UTC1369INData Raw: 2e 69 74 22 2c 22 6f 6f 72 63 61 73 65 6c 6c 73 2e 63 6f 6d 22 2c 22 6f 6e 65 64 61 73 68 2e 6e 65 74 22 2c 22 74 70 61 73 2e 72 75 22 2c 22 74 65 6e 69 38 35 73 74 61 62 30 31 64 2e 63 6f 6d 22 2c 22 74 68 6f 73 65 63 61 6e 64 79 2e 63 6f 6d 22 2c 22 6e 69 6c 6b 6e 61 72 66 2e 78 79 7a 22 2c 22 72 65 69 66 65 66 72 61 75 65 6e 2e 63 6f 6d 22 2c 22 72 6f 73 65 33 33 2e 74 6f 70 22 2c 22 73 74 6f 6e 65 61 67 65 70 65 64 69 61 2e 63 6f 6d 22 2c 22 6d 79 70 72 69 76 61 74 65 2e 70 69 63 73 22 2c 22 73 6e 61 70 78 2e 69 6e 66 6f 22 2c 22 67 74 61 75 74 6f 63 6c 69 63 6b 65 72 2e 63 6f 6d 22 2c 22 66 6d 6f 76 69 65 7a 2e 69 6e 66 6f 22 2c 22 63 6f 6d 65 73 68 6f 70 69 6e 67 2e 74 6f 6b 79 6f 22 2c 22 70 65 6c 69 73 78 70 6f 72 6e 6f 2e 6e 65 74 22 2c 22 63 68
                                                  Data Ascii: .it","oorcasells.com","onedash.net","tpas.ru","teni85stab01d.com","thosecandy.com","nilknarf.xyz","reifefrauen.com","rose33.top","stoneagepedia.com","myprivate.pics","snapx.info","gtautoclicker.com","fmoviez.info","comeshoping.tokyo","pelisxporno.net","ch
                                                  2024-07-22 10:51:40 UTC1369INData Raw: 70 74 34 72 75 73 2e 72 75 22 2c 22 6c 69 76 65 64 73 6b 61 74 65 72 61 69 73 69 6e 2e 63 6f 6d 22 2c 22 61 79 65 6a 6f 6d 65 72 2e 74 6f 70 22 2c 22 6e 6a 69 32 30 2e 78 79 7a 22 2c 22 67 61 6c 61 78 79 62 79 63 6f 69 6e 2e 63 6f 6d 22 2c 22 65 73 74 61 69 6c 6f 66 61 73 68 69 6f 6e 2e 63 6f 6d 22 2c 22 61 72 63 68 65 75 72 6f 70 65 2e 69 6e 66 6f 22 2c 22 65 7a 63 67 6f 6a 61 61 6d 67 2e 63 6f 6d 22 2c 22 68 2d 67 65 6e 2e 78 79 7a 22 2c 22 78 6e 2d 2d 39 30 61 61 76 6d 66 69 37 62 31 64 2e 78 79 7a 22 2c 22 6c 69 62 72 6f 73 72 65 63 6f 6d 65 6e 64 61 64 6f 73 73 2e 63 6f 6d 22 2c 22 75 74 69 6c 69 74 79 70 72 65 73 65 6e 74 2e 63 6f 6d 22 2c 22 74 68 65 67 61 6d 65 70 6c 61 79 2e 6c 69 66 65 22 2c 22 61 69 36 38 36 38 2e 74 6f 70 22 2c 22 78 79 63 6c
                                                  Data Ascii: pt4rus.ru","livedskateraisin.com","ayejomer.top","nji20.xyz","galaxybycoin.com","estailofashion.com","archeurope.info","ezcgojaamg.com","h-gen.xyz","xn--90aavmfi7b1d.xyz","librosrecomendadoss.com","utilitypresent.com","thegameplay.life","ai6868.top","xycl


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  10192.168.2.849737104.16.149.1304434648C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-07-22 10:51:42 UTC71OUTGET /api/v2/url/permanentwhitelist HTTP/1.1
                                                  Host: acs.lavasoft.com
                                                  2024-07-22 10:51:42 UTC333INHTTP/1.1 301 Moved Permanently
                                                  Date: Mon, 22 Jul 2024 10:51:42 GMT
                                                  Content-Length: 0
                                                  Connection: close
                                                  Cache-Control: public
                                                  Cache-Control: max-age=86400
                                                  Location: https://acscdn.lavasoft.com/permanentUrlWhitelist.json
                                                  api-supported-versions: 2.0
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e088bc550f69-EWR


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  11192.168.2.849738104.16.149.1304434648C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-07-22 10:51:43 UTC71OUTGET /permanentUrlWhitelist.json HTTP/1.1
                                                  Host: acscdn.lavasoft.com
                                                  2024-07-22 10:51:43 UTC383INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:51:43 GMT
                                                  Content-Type: application/json
                                                  Content-Length: 16065
                                                  Connection: close
                                                  Last-Modified: Wed, 15 Nov 2023 13:57:17 GMT
                                                  ETag: "6554ce3d-3ec1"
                                                  CF-Cache-Status: HIT
                                                  Age: 38822
                                                  Expires: Tue, 23 Jul 2024 06:51:43 GMT
                                                  Cache-Control: public, max-age=72000
                                                  Accept-Ranges: bytes
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e08caec6436a-EWR
                                                  2024-07-22 10:51:43 UTC986INData Raw: 5b 22 66 61 63 65 62 6f 6f 6b 2e 63 6f 6d 22 2c 20 22 69 6e 73 74 61 67 72 61 6d 2e 63 6f 6d 22 2c 20 22 74 77 69 74 74 65 72 2e 63 6f 6d 22 2c 20 22 67 6f 6f 67 6c 65 2e 63 6f 6d 22 2c 20 22 77 6f 72 64 70 72 65 73 73 2e 6f 72 67 22 2c 20 22 79 6f 75 74 75 62 65 2e 63 6f 6d 22 2c 20 22 6c 69 6e 6b 65 64 69 6e 2e 63 6f 6d 22 2c 20 22 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 22 2c 20 22 70 69 6e 74 65 72 65 73 74 2e 63 6f 6d 22 2c 20 22 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 22 2c 20 22 61 70 70 6c 65 2e 63 6f 6d 22 2c 20 22 61 64 61 77 61 72 65 2e 63 6f 6d 22 2c 20 22 61 76 61 6e 71 75 65 73 74 2e 63 6f 6d 22 2c 20 22 77 65 62 63 6f 6d 70 61 6e 69 6f 6e 2e 63 6f 6d 22 2c 20 22 73 6f 64 61 70 64 66 2e 63 6f 6d 22 2c 20 22 69 6e 70 69 78 69 6f 2e 63 6f 6d
                                                  Data Ascii: ["facebook.com", "instagram.com", "twitter.com", "google.com", "wordpress.org", "youtube.com", "linkedin.com", "cloudflare.com", "pinterest.com", "microsoft.com", "apple.com", "adaware.com", "avanquest.com", "webcompanion.com", "sodapdf.com", "inpixio.com
                                                  2024-07-22 10:51:43 UTC1369INData Raw: 20 22 6e 65 74 77 6f 72 6b 73 6f 6c 75 74 69 6f 6e 73 2e 63 6f 6d 22 2c 20 22 61 6d 61 7a 6f 6e 2e 63 6f 6d 22 2c 20 22 73 68 6f 70 69 66 79 2e 63 6f 6d 22 2c 20 22 64 61 6e 2e 63 6f 6d 22 2c 20 22 62 69 74 2e 6c 79 22 2c 20 22 62 6c 6f 67 73 70 6f 74 2e 63 6f 6d 22 2c 20 22 66 69 6c 65 73 75 73 72 2e 63 6f 6d 22 2c 20 22 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 22 2c 20 22 73 74 61 74 63 6f 75 6e 74 65 72 2e 63 6f 6d 22 2c 20 22 74 75 6d 62 6c 72 2e 63 6f 6d 22 2c 20 22 79 61 6e 64 65 78 2e 72 75 22 2c 20 22 77 61 2e 6d 65 22 2c 20 22 63 70 61 6e 65 6c 2e 6e 65 74 22 2c 20 22 63 70 61 6e 65 6c 2e 63 6f 6d 22 2c 20 22 6a 69 6d 64 6f 2e 63 6f 6d 22 2c 20 22 70 61 79 70 61 6c 2e 63 6f 6d 22 2c 20 22 77 33 2e 6f 72 67 22 2c 20 22 62 6c 75 65 68 6f 73 74 2e 63 6f 6d
                                                  Data Ascii: "networksolutions.com", "amazon.com", "shopify.com", "dan.com", "bit.ly", "blogspot.com", "filesusr.com", "mozilla.org", "statcounter.com", "tumblr.com", "yandex.ru", "wa.me", "cpanel.net", "cpanel.com", "jimdo.com", "paypal.com", "w3.org", "bluehost.com
                                                  2024-07-22 10:51:43 UTC1369INData Raw: 31 61 6e 64 31 2d 65 64 69 74 6f 72 2e 63 6f 6d 22 2c 20 22 6e 67 69 6e 78 2e 6f 72 67 22 2c 20 22 74 72 69 70 61 64 76 69 73 6f 72 2e 63 6f 6d 22 2c 20 22 6d 61 69 6c 63 68 69 6d 70 2e 63 6f 6d 22 2c 20 22 74 72 61 64 65 69 6e 64 69 61 2e 63 6f 6d 22 2c 20 22 77 70 65 6e 67 69 6e 65 2e 63 6f 6d 22 2c 20 22 74 72 75 73 74 70 69 6c 6f 74 2e 63 6f 6d 22 2c 20 22 68 61 74 65 6e 61 2e 6e 65 2e 6a 70 22 2c 20 22 6d 79 73 68 6f 70 69 66 79 2e 63 6f 6d 22 2c 20 22 6f 70 65 6e 73 74 72 65 65 74 6d 61 70 2e 6f 72 67 22 2c 20 22 65 74 73 79 2e 63 6f 6d 22 2c 20 22 69 73 73 75 75 2e 63 6f 6d 22 2c 20 22 74 68 65 6d 65 69 73 6c 65 2e 63 6f 6d 22 2c 20 22 62 65 68 61 6e 63 65 2e 6e 65 74 22 2c 20 22 6e 67 69 6e 78 2e 63 6f 6d 22 2c 20 22 6f 6b 2e 72 75 22 2c 20 22 65
                                                  Data Ascii: 1and1-editor.com", "nginx.org", "tripadvisor.com", "mailchimp.com", "tradeindia.com", "wpengine.com", "trustpilot.com", "hatena.ne.jp", "myshopify.com", "openstreetmap.org", "etsy.com", "issuu.com", "themeisle.com", "behance.net", "nginx.com", "ok.ru", "e
                                                  2024-07-22 10:51:43 UTC1369INData Raw: 73 68 6f 70 2e 63 6f 6d 22 2c 20 22 6d 61 69 6c 63 68 69 2e 6d 70 22 2c 20 22 73 71 75 61 72 65 75 70 2e 63 6f 6d 22 2c 20 22 62 69 67 63 6f 6d 6d 65 72 63 65 2e 63 6f 6d 22 2c 20 22 77 69 6b 69 6d 65 64 69 61 2e 6f 72 67 22 2c 20 22 73 74 72 69 70 65 2e 63 6f 6d 22 2c 20 22 70 61 74 72 65 6f 6e 2e 63 6f 6d 22 2c 20 22 73 6b 79 70 65 2e 63 6f 6d 22 2c 20 22 73 74 75 6d 62 6c 65 75 70 6f 6e 2e 63 6f 6d 22 2c 20 22 73 69 74 65 67 72 6f 75 6e 64 2e 63 6f 6d 22 2c 20 22 74 69 6e 79 75 72 6c 2e 63 6f 6d 22 2c 20 22 6c 69 76 65 63 68 61 74 69 6e 63 2e 63 6f 6d 22 2c 20 22 70 61 79 70 61 6c 2e 6d 65 22 2c 20 22 66 62 2e 6d 65 22 2c 20 22 62 69 6e 67 2e 63 6f 6d 22 2c 20 22 63 61 6c 65 6e 64 6c 79 2e 63 6f 6d 22 2c 20 22 74 65 61 6d 76 69 65 77 65 72 2e 63 6f 6d
                                                  Data Ascii: shop.com", "mailchi.mp", "squareup.com", "bigcommerce.com", "wikimedia.org", "stripe.com", "patreon.com", "skype.com", "stumbleupon.com", "siteground.com", "tinyurl.com", "livechatinc.com", "paypal.me", "fb.me", "bing.com", "calendly.com", "teamviewer.com
                                                  2024-07-22 10:51:43 UTC1369INData Raw: 65 61 64 73 2e 63 6f 6d 22 2c 20 22 67 6f 2e 63 6f 22 2c 20 22 74 65 63 68 63 72 75 6e 63 68 2e 63 6f 6d 22 2c 20 22 6e 69 63 2e 61 74 22 2c 20 22 73 68 69 6e 79 73 74 61 74 2e 63 6f 6d 22 2c 20 22 7a 61 6c 6f 2e 6d 65 22 2c 20 22 6d 61 74 6f 6d 6f 2e 6f 72 67 22 2c 20 22 63 72 79 6f 75 74 63 72 65 61 74 69 6f 6e 73 2e 65 75 22 2c 20 22 68 75 66 66 69 6e 67 74 6f 6e 70 6f 73 74 2e 63 6f 6d 22 2c 20 22 6b 61 6b 61 6f 2e 63 6f 6d 22 2c 20 22 32 32 2e 63 6e 22 2c 20 22 6c 69 74 65 73 70 65 65 64 74 65 63 68 2e 63 6f 6d 22 2c 20 22 62 6c 6f 6f 6d 62 65 72 67 2e 63 6f 6d 22 2c 20 22 75 6e 2e 6f 72 67 22 2c 20 22 63 6c 69 63 6b 66 75 6e 6e 65 6c 73 2e 63 6f 6d 22 2c 20 22 74 68 65 76 65 72 67 65 2e 63 6f 6d 22 2c 20 22 64 72 75 70 61 6c 2e 6f 72 67 22 2c 20 22
                                                  Data Ascii: eads.com", "go.co", "techcrunch.com", "nic.at", "shinystat.com", "zalo.me", "matomo.org", "cryoutcreations.eu", "huffingtonpost.com", "kakao.com", "22.cn", "litespeedtech.com", "bloomberg.com", "un.org", "clickfunnels.com", "theverge.com", "drupal.org", "
                                                  2024-07-22 10:51:43 UTC1369INData Raw: 61 74 69 73 74 61 2e 63 6f 6d 22 2c 20 22 31 32 33 37 37 2e 63 6e 22 2c 20 22 73 6d 61 73 68 62 61 6c 6c 6f 6f 6e 2e 63 6f 6d 22 2c 20 22 73 70 72 69 6e 67 65 72 2e 63 6f 6d 22 2c 20 22 73 74 61 6e 66 6f 72 64 2e 65 64 75 22 2c 20 22 61 69 72 62 6e 62 2e 63 6f 6d 22 2c 20 22 77 68 6f 69 73 2e 63 6f 22 2c 20 22 74 69 6d 65 2e 63 6f 6d 22 2c 20 22 61 63 74 69 76 65 6d 69 6e 64 2e 64 65 22 2c 20 22 67 69 70 68 79 2e 63 6f 6d 22 2c 20 22 6d 61 70 79 2e 63 7a 22 2c 20 22 77 69 6b 69 68 6f 77 2e 63 6f 6d 22 2c 20 22 70 68 70 62 62 2e 63 6f 6d 22 2c 20 22 61 6c 69 62 61 62 61 2e 63 6f 6d 22 2c 20 22 67 6f 6f 67 6c 65 2e 63 61 22 2c 20 22 66 64 61 2e 67 6f 76 22 2c 20 22 37 2d 7a 69 70 2e 6f 72 67 22 2c 20 22 6d 6f 7a 69 6c 6c 61 2e 63 6f 6d 22 2c 20 22 63 61 66
                                                  Data Ascii: atista.com", "12377.cn", "smashballoon.com", "springer.com", "stanford.edu", "airbnb.com", "whois.co", "time.com", "activemind.de", "giphy.com", "mapy.cz", "wikihow.com", "phpbb.com", "alibaba.com", "google.ca", "fda.gov", "7-zip.org", "mozilla.com", "caf
                                                  2024-07-22 10:51:43 UTC1369INData Raw: 2e 6f 72 67 22 2c 20 22 6c 61 74 69 6d 65 73 2e 63 6f 6d 22 2c 20 22 73 6f 75 72 63 65 6d 6f 64 2e 6e 65 74 22 2c 20 22 73 68 6f 70 70 79 2e 67 67 22 2c 20 22 62 6f 6f 74 73 74 72 61 70 64 61 73 68 2e 63 6f 6d 22 2c 20 22 6e 65 74 64 6e 61 2d 73 73 6c 2e 63 6f 6d 22 2c 20 22 69 6e 64 65 70 65 6e 64 65 6e 74 2e 63 6f 2e 75 6b 22 2c 20 22 79 6f 75 6b 75 2e 63 6f 6d 22 2c 20 22 77 6f 77 73 6c 69 64 65 72 2e 63 6f 6d 22 2c 20 22 79 61 64 69 2e 73 6b 22 2c 20 22 73 75 69 74 61 62 6c 65 6e 61 6d 65 73 2e 63 6f 6d 22 2c 20 22 63 73 73 6d 6f 62 61 6e 2e 63 6f 6d 22 2c 20 22 74 72 69 70 61 64 76 69 73 6f 72 2e 69 74 22 2c 20 22 77 77 77 2e 6e 68 73 2e 75 6b 22 2c 20 22 6d 69 70 63 6d 73 2e 63 6f 6d 22 2c 20 22 65 77 65 62 64 65 76 65 6c 6f 70 6d 65 6e 74 2e 63 6f
                                                  Data Ascii: .org", "latimes.com", "sourcemod.net", "shoppy.gg", "bootstrapdash.com", "netdna-ssl.com", "independent.co.uk", "youku.com", "wowslider.com", "yadi.sk", "suitablenames.com", "cssmoban.com", "tripadvisor.it", "www.nhs.uk", "mipcms.com", "ewebdevelopment.co
                                                  2024-07-22 10:51:43 UTC1369INData Raw: 2c 20 22 72 6f 62 6f 74 73 74 78 74 2e 6f 72 67 22 2c 20 22 69 6f 6e 6f 73 2e 66 72 22 2c 20 22 62 6f 72 6c 61 62 73 2e 69 6f 22 2c 20 22 65 76 65 6e 74 62 72 69 74 65 2e 63 6f 2e 75 6b 22 2c 20 22 67 69 74 6c 61 62 2e 63 6f 6d 22 2c 20 22 66 74 2e 63 6f 6d 22 2c 20 22 61 6e 67 69 65 73 6c 69 73 74 2e 63 6f 6d 22 2c 20 22 74 68 65 6d 65 2d 66 75 73 69 6f 6e 2e 63 6f 6d 22 2c 20 22 73 68 75 74 74 65 72 73 74 6f 63 6b 2e 63 6f 6d 22 2c 20 22 63 79 62 65 72 66 6f 6c 6b 73 2e 70 6c 22 2c 20 22 7a 7a 79 69 64 61 2e 6e 65 74 22 2c 20 22 62 6c 6f 67 73 70 6f 74 2e 63 6f 6d 2e 65 73 22 2c 20 22 6d 61 70 71 75 65 73 74 2e 63 6f 6d 22 2c 20 22 68 6f 74 6c 6f 67 2e 72 75 22 2c 20 22 73 62 61 2e 67 6f 76 22 2c 20 22 70 65 6f 70 6c 65 2e 63 6f 6d 2e 63 6e 22 2c 20 22
                                                  Data Ascii: , "robotstxt.org", "ionos.fr", "borlabs.io", "eventbrite.co.uk", "gitlab.com", "ft.com", "angieslist.com", "theme-fusion.com", "shutterstock.com", "cyberfolks.pl", "zzyida.net", "blogspot.com.es", "mapquest.com", "hotlog.ru", "sba.gov", "people.com.cn", "
                                                  2024-07-22 10:51:43 UTC1369INData Raw: 22 66 6f 72 74 75 6e 65 2e 63 6f 6d 22 2c 20 22 76 69 61 63 61 6e 61 64 61 6d 65 64 2e 63 6f 6d 22 2c 20 22 66 72 65 73 68 64 65 73 6b 2e 63 6f 6d 22 2c 20 22 75 6b 2e 63 6f 6d 22 2c 20 22 66 72 65 65 6e 6f 64 65 2e 6e 65 74 22 2c 20 22 61 6e 6f 6e 79 6d 69 7a 65 2e 63 6f 6d 22 2c 20 22 62 6c 6f 67 73 70 6f 74 2e 64 65 22 2c 20 22 61 61 72 6f 6e 70 61 72 65 63 6b 69 2e 63 6f 6d 22 2c 20 22 77 61 6c 6d 61 72 74 2e 63 6f 6d 22 2c 20 22 68 65 74 7a 6e 65 72 2e 64 65 22 2c 20 22 70 79 74 68 6f 6e 2e 6f 72 67 22 2c 20 22 72 6b 6e 2e 67 6f 76 2e 72 75 22 2c 20 22 6d 65 74 69 2e 67 6f 2e 6a 70 22 2c 20 22 68 6f 73 74 6e 65 74 2e 6e 6c 22 2c 20 22 65 6e 61 6d 61 64 2e 69 72 22 2c 20 22 62 69 74 6c 79 2e 63 6f 6d 22 2c 20 22 73 65 63 2e 67 6f 76 22 2c 20 22 6f 73
                                                  Data Ascii: "fortune.com", "viacanadamed.com", "freshdesk.com", "uk.com", "freenode.net", "anonymize.com", "blogspot.de", "aaronparecki.com", "walmart.com", "hetzner.de", "python.org", "rkn.gov.ru", "meti.go.jp", "hostnet.nl", "enamad.ir", "bitly.com", "sec.gov", "os
                                                  2024-07-22 10:51:43 UTC1369INData Raw: 70 75 62 2e 63 6f 6d 22 2c 20 22 61 6d 61 7a 6f 6e 2e 63 61 22 2c 20 22 6e 6d 6c 73 63 6f 6e 73 75 6d 65 72 61 63 63 65 73 73 2e 6f 72 67 22 2c 20 22 6d 79 6f 72 64 65 72 62 6f 78 2e 63 6f 6d 22 2c 20 22 73 6b 69 70 74 68 65 64 69 73 68 65 73 2e 63 6f 6d 22 2c 20 22 6e 70 6d 6a 73 2e 63 6f 6d 22 2c 20 22 6a 75 73 74 67 69 76 69 6e 67 2e 63 6f 6d 22 2c 20 22 62 65 66 72 69 65 6e 64 65 72 73 2e 6f 72 67 22 2c 20 22 68 65 69 73 65 2e 64 65 22 2c 20 22 73 70 68 69 6e 78 2d 64 6f 63 2e 6f 72 67 22 2c 20 22 66 6f 72 6d 73 74 61 63 6b 2e 63 6f 6d 22 2c 20 22 68 6f 6d 65 61 64 76 69 73 6f 72 2e 63 6f 6d 22 2c 20 22 62 6f 78 2e 63 6f 6d 22 2c 20 22 6d 75 66 66 69 6e 67 72 6f 75 70 2e 63 6f 6d 22 2c 20 22 61 63 75 69 74 79 73 63 68 65 64 75 6c 69 6e 67 2e 63 6f 6d
                                                  Data Ascii: pub.com", "amazon.ca", "nmlsconsumeraccess.org", "myorderbox.com", "skipthedishes.com", "npmjs.com", "justgiving.com", "befrienders.org", "heise.de", "sphinx-doc.org", "formstack.com", "homeadvisor.com", "box.com", "muffingroup.com", "acuityscheduling.com


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  12192.168.2.849741104.16.149.130443632C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-07-22 10:51:49 UTC174OUTPOST /v1/event-stat?Type=Launch&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 303
                                                  Connection: Keep-Alive
                                                  2024-07-22 10:51:49 UTC303OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 53 74 61 72 74 54 72 69 67 67 65 72 22 3a 22 49 6e 73 74 61 6c 6c 52 75 6e 22 2c 22 49 6e 73 74 61 6c 6c 44 61 74 65 22 3a 22 32 30 32 34 2d 30 37 2d 32 32 54 30 30 3a 30 30 3a 30 30 22 2c 22 49 6e 73 74 61 6c 6c 49 64 22 3a 22 62 38 65 31 64 30 62 30 2d 62 31 34 38 2d 34 36 32 64 2d 38 32 38 34 2d 39 34 65 63 30 37 34 35 62 33 62 34 22 2c 22 4c 61 6e 67 75 61 67 65 22 3a 22 65 6e 2d 55 53 22 2c 22 4d 61 63 68 69 6e 65 49 64 22 3a 22 66 64 64 34 32 65 65 31 2d 38 38 65 39 2d 33 31 34 33 2d 37 66 34 66 2d 62 65 32 63 30 39 36 31 31 36 39 38 22 2c 22 4f 73 56 65 72 73 69 6f 6e 22 3a 22 4d 69 63 72 6f 73 6f 66 74 20 57 69 6e 64 6f 77 73 20 31 30 20 50 72 6f 22 2c 22 50 61 72 74 6e 65 72 49 64 22 3a 22 46 5a 32 31 30 34 32 37
                                                  Data Ascii: {"Data": {"StartTrigger":"InstallRun","InstallDate":"2024-07-22T00:00:00","InstallId":"b8e1d0b0-b148-462d-8284-94ec0745b3b4","Language":"en-US","MachineId":"fdd42ee1-88e9-3143-7f4f-be2c09611698","OsVersion":"Microsoft Windows 10 Pro","PartnerId":"FZ210427
                                                  2024-07-22 10:51:50 UTC479INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:51:50 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: close
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e0b51db842a0-EWR
                                                  2024-07-22 10:51:50 UTC35INData Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}
                                                  2024-07-22 10:51:50 UTC5INData Raw: 30 0d 0a 0d 0a
                                                  Data Ascii: 0


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  13192.168.2.849748104.16.149.130443632C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-07-22 10:51:59 UTC156OUTPOST /v1/event-stat?Type=NanoBrowser&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 1648
                                                  2024-07-22 10:51:59 UTC1648OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 54 72 69 67 67 65 72 22 3a 22 49 6e 73 74 61 6c 6c 22 2c 22 42 72 6f 77 73 65 72 22 3a 7b 22 43 68 72 6f 6d 65 22 3a 7b 22 49 73 44 65 66 61 75 6c 74 22 3a 74 72 75 65 2c 22 49 73 49 6e 73 74 61 6c 6c 65 64 22 3a 74 72 75 65 2c 22 49 73 52 75 6e 6e 69 6e 67 22 3a 66 61 6c 73 65 2c 22 4f 72 69 67 69 6e 61 6c 48 6f 6d 65 50 61 67 65 22 3a 22 61 62 6f 75 74 3a 68 6f 6d 65 22 2c 22 4f 72 69 67 69 6e 61 6c 53 65 61 72 63 68 22 3a 22 47 6f 6f 67 6c 65 22 2c 22 56 65 72 73 69 6f 6e 22 3a 22 31 31 37 2e 30 2e 35 39 33 38 2e 31 33 32 22 7d 2c 22 45 64 67 65 22 3a 7b 22 49 73 44 65 66 61 75 6c 74 22 3a 66 61 6c 73 65 2c 22 49 73 49 6e 73 74 61 6c 6c 65 64 22 3a 66 61 6c 73 65 2c 22 49 73 52 75 6e 6e 69 6e 67 22 3a 66 61 6c 73 65 2c
                                                  Data Ascii: {"Data": {"Trigger":"Install","Browser":{"Chrome":{"IsDefault":true,"IsInstalled":true,"IsRunning":false,"OriginalHomePage":"about:home","OriginalSearch":"Google","Version":"117.0.5938.132"},"Edge":{"IsDefault":false,"IsInstalled":false,"IsRunning":false,
                                                  2024-07-22 10:51:59 UTC479INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:51:59 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: close
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e0ee58968cc5-EWR
                                                  2024-07-22 10:51:59 UTC35INData Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}
                                                  2024-07-22 10:51:59 UTC5INData Raw: 30 0d 0a 0d 0a
                                                  Data Ascii: 0


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  14192.168.2.849753104.16.149.1304437100C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-07-22 10:52:09 UTC190OUTPOST /v1/event-stat?Type=ValidateMicrotargeting&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 678
                                                  Connection: Keep-Alive
                                                  2024-07-22 10:52:09 UTC678OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 43 68 72 6f 6d 65 43 75 72 72 65 6e 74 53 65 61 72 63 68 22 3a 22 47 6f 6f 67 6c 65 22 2c 22 43 68 72 6f 6d 65 56 65 72 73 69 6f 6e 22 3a 22 31 31 37 2e 30 2e 35 39 33 38 2e 31 33 32 22 2c 22 46 65 61 74 75 72 65 4d 61 74 63 68 22 3a 74 72 75 65 2c 22 46 69 72 65 66 6f 78 43 75 72 72 65 6e 74 53 65 61 72 63 68 22 3a 22 47 6f 6f 67 6c 65 22 2c 22 46 69 72 65 66 6f 78 56 65 72 73 69 6f 6e 22 3a 22 31 31 38 2e 30 2e 31 22 2c 22 49 6e 73 74 61 6c 6c 41 67 65 22 3a 22 30 22 2c 22 49 73 43 68 72 6f 6d 65 49 6e 73 74 61 6c 6c 65 64 22 3a 74 72 75 65 2c 22 49 73 46 69 72 65 66 6f 78 49 6e 73 74 61 6c 6c 65 64 22 3a 74 72 75 65 2c 22 4f 75 72 49 6e 73 74 61 6c 6c 65 64 45 78 74 65 6e 73 69 6f 6e 73 22 3a 5b 5d 2c 22 4f 75 72 53 65
                                                  Data Ascii: {"Data": {"ChromeCurrentSearch":"Google","ChromeVersion":"117.0.5938.132","FeatureMatch":true,"FirefoxCurrentSearch":"Google","FirefoxVersion":"118.0.1","InstallAge":"0","IsChromeInstalled":true,"IsFirefoxInstalled":true,"OurInstalledExtensions":[],"OurSe
                                                  2024-07-22 10:52:09 UTC479INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:52:09 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: close
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e12f7c950f7c-EWR
                                                  2024-07-22 10:52:09 UTC35INData Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}
                                                  2024-07-22 10:52:09 UTC5INData Raw: 30 0d 0a 0d 0a
                                                  Data Ascii: 0


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  15192.168.2.849756104.16.149.1304437100C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-07-22 10:52:10 UTC161OUTPOST /v1/event-stat?Type=FeatureActionInfo&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 510
                                                  2024-07-22 10:52:10 UTC510OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 54 72 69 67 67 65 72 22 3a 22 44 61 69 6c 79 52 75 6e 22 2c 22 46 65 61 74 75 72 65 22 3a 22 54 65 6c 65 6d 65 74 72 79 53 68 69 65 6c 64 22 2c 22 41 63 74 69 6f 6e 22 3a 6e 75 6c 6c 2c 22 53 74 61 74 75 73 22 3a 22 53 74 61 72 74 22 2c 22 4d 65 73 73 61 67 65 22 3a 6e 75 6c 6c 2c 22 4f 66 66 65 72 54 65 6d 70 6c 61 74 65 22 3a 6e 75 6c 6c 2c 22 4f 66 66 65 72 4e 61 6d 65 22 3a 6e 75 6c 6c 2c 22 4f 66 66 65 72 4d 65 73 73 61 67 65 22 3a 6e 75 6c 6c 2c 22 55 49 22 3a 6e 75 6c 6c 2c 22 55 73 65 72 49 6e 70 75 74 22 3a 6e 75 6c 6c 2c 22 53 65 61 72 63 68 45 6e 67 69 6e 65 22 3a 6e 75 6c 6c 2c 22 45 78 74 65 6e 73 69 6f 6e 49 64 22 3a 6e 75 6c 6c 2c 22 43 72 69 74 65 72 69 61 22 3a 6e 75 6c 6c 2c 22 49 6e 73 74 61 6c 6c 44 61
                                                  Data Ascii: {"Data": {"Trigger":"DailyRun","Feature":"TelemetryShield","Action":null,"Status":"Start","Message":null,"OfferTemplate":null,"OfferName":null,"OfferMessage":null,"UI":null,"UserInput":null,"SearchEngine":null,"ExtensionId":null,"Criteria":null,"InstallDa
                                                  2024-07-22 10:52:10 UTC479INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:52:10 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: close
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e13449418cda-EWR
                                                  2024-07-22 10:52:10 UTC35INData Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}
                                                  2024-07-22 10:52:10 UTC5INData Raw: 30 0d 0a 0d 0a
                                                  Data Ascii: 0


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  16192.168.2.849757104.16.149.1304437100C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-07-22 10:52:10 UTC161OUTPOST /v1/event-stat?Type=FeatureActionInfo&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 925
                                                  2024-07-22 10:52:10 UTC925OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 54 72 69 67 67 65 72 22 3a 22 44 61 69 6c 79 52 75 6e 22 2c 22 46 65 61 74 75 72 65 22 3a 22 54 65 6c 65 6d 65 74 72 79 53 68 69 65 6c 64 22 2c 22 41 63 74 69 6f 6e 22 3a 22 45 6e 61 62 6c 65 46 46 54 65 6c 65 6d 65 74 72 79 53 68 69 65 6c 64 22 2c 22 53 74 61 74 75 73 22 3a 22 45 6c 69 67 69 62 6c 65 22 2c 22 4d 65 73 73 61 67 65 22 3a 6e 75 6c 6c 2c 22 4f 66 66 65 72 54 65 6d 70 6c 61 74 65 22 3a 6e 75 6c 6c 2c 22 4f 66 66 65 72 4e 61 6d 65 22 3a 6e 75 6c 6c 2c 22 4f 66 66 65 72 4d 65 73 73 61 67 65 22 3a 6e 75 6c 6c 2c 22 55 49 22 3a 6e 75 6c 6c 2c 22 55 73 65 72 49 6e 70 75 74 22 3a 6e 75 6c 6c 2c 22 53 65 61 72 63 68 45 6e 67 69 6e 65 22 3a 6e 75 6c 6c 2c 22 45 78 74 65 6e 73 69 6f 6e 49 64 22 3a 6e 75 6c 6c 2c 22 43
                                                  Data Ascii: {"Data": {"Trigger":"DailyRun","Feature":"TelemetryShield","Action":"EnableFFTelemetryShield","Status":"Eligible","Message":null,"OfferTemplate":null,"OfferName":null,"OfferMessage":null,"UI":null,"UserInput":null,"SearchEngine":null,"ExtensionId":null,"C
                                                  2024-07-22 10:52:11 UTC479INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:52:11 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: close
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e138fc90c463-EWR
                                                  2024-07-22 10:52:11 UTC35INData Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}
                                                  2024-07-22 10:52:11 UTC5INData Raw: 30 0d 0a 0d 0a
                                                  Data Ascii: 0


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  17192.168.2.849758104.16.149.1304437100C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-07-22 10:52:11 UTC161OUTPOST /v1/event-stat?Type=FeatureActionInfo&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 527
                                                  2024-07-22 10:52:11 UTC527OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 54 72 69 67 67 65 72 22 3a 22 44 61 69 6c 79 52 75 6e 22 2c 22 46 65 61 74 75 72 65 22 3a 22 54 65 6c 65 6d 65 74 72 79 53 68 69 65 6c 64 22 2c 22 41 63 74 69 6f 6e 22 3a 22 45 6e 61 62 6c 65 46 46 54 65 6c 65 6d 65 74 72 79 53 68 69 65 6c 64 22 2c 22 53 74 61 74 75 73 22 3a 22 50 65 72 66 6f 72 6d 22 2c 22 4d 65 73 73 61 67 65 22 3a 6e 75 6c 6c 2c 22 4f 66 66 65 72 54 65 6d 70 6c 61 74 65 22 3a 6e 75 6c 6c 2c 22 4f 66 66 65 72 4e 61 6d 65 22 3a 22 22 2c 22 4f 66 66 65 72 4d 65 73 73 61 67 65 22 3a 22 22 2c 22 55 49 22 3a 22 53 69 6c 65 6e 74 22 2c 22 55 73 65 72 49 6e 70 75 74 22 3a 22 22 2c 22 53 65 61 72 63 68 45 6e 67 69 6e 65 22 3a 22 22 2c 22 45 78 74 65 6e 73 69 6f 6e 49 64 22 3a 22 22 2c 22 43 72 69 74 65 72 69 61
                                                  Data Ascii: {"Data": {"Trigger":"DailyRun","Feature":"TelemetryShield","Action":"EnableFFTelemetryShield","Status":"Perform","Message":null,"OfferTemplate":null,"OfferName":"","OfferMessage":"","UI":"Silent","UserInput":"","SearchEngine":"","ExtensionId":"","Criteria
                                                  2024-07-22 10:52:11 UTC479INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:52:11 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: close
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e13e0e13c340-EWR
                                                  2024-07-22 10:52:11 UTC35INData Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}
                                                  2024-07-22 10:52:11 UTC5INData Raw: 30 0d 0a 0d 0a
                                                  Data Ascii: 0


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  18192.168.2.849759104.16.149.1304437100C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-07-22 10:52:12 UTC161OUTPOST /v1/event-stat?Type=FeatureActionInfo&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 513
                                                  2024-07-22 10:52:12 UTC513OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 54 72 69 67 67 65 72 22 3a 22 44 61 69 6c 79 52 75 6e 22 2c 22 46 65 61 74 75 72 65 22 3a 22 54 65 6c 65 6d 65 74 72 79 53 68 69 65 6c 64 22 2c 22 41 63 74 69 6f 6e 22 3a 6e 75 6c 6c 2c 22 53 74 61 74 75 73 22 3a 22 43 6f 6d 70 6c 65 74 65 22 2c 22 4d 65 73 73 61 67 65 22 3a 6e 75 6c 6c 2c 22 4f 66 66 65 72 54 65 6d 70 6c 61 74 65 22 3a 6e 75 6c 6c 2c 22 4f 66 66 65 72 4e 61 6d 65 22 3a 6e 75 6c 6c 2c 22 4f 66 66 65 72 4d 65 73 73 61 67 65 22 3a 6e 75 6c 6c 2c 22 55 49 22 3a 6e 75 6c 6c 2c 22 55 73 65 72 49 6e 70 75 74 22 3a 6e 75 6c 6c 2c 22 53 65 61 72 63 68 45 6e 67 69 6e 65 22 3a 6e 75 6c 6c 2c 22 45 78 74 65 6e 73 69 6f 6e 49 64 22 3a 6e 75 6c 6c 2c 22 43 72 69 74 65 72 69 61 22 3a 6e 75 6c 6c 2c 22 49 6e 73 74 61 6c
                                                  Data Ascii: {"Data": {"Trigger":"DailyRun","Feature":"TelemetryShield","Action":null,"Status":"Complete","Message":null,"OfferTemplate":null,"OfferName":null,"OfferMessage":null,"UI":null,"UserInput":null,"SearchEngine":null,"ExtensionId":null,"Criteria":null,"Instal
                                                  2024-07-22 10:52:12 UTC479INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:52:12 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: close
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e14288127c84-EWR
                                                  2024-07-22 10:52:12 UTC35INData Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}
                                                  2024-07-22 10:52:12 UTC5INData Raw: 30 0d 0a 0d 0a
                                                  Data Ascii: 0


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  19192.168.2.849760104.16.149.1304437100C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-07-22 10:52:13 UTC161OUTPOST /v1/event-stat?Type=FeatureActionInfo&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 506
                                                  2024-07-22 10:52:13 UTC506OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 54 72 69 67 67 65 72 22 3a 22 44 61 69 6c 79 52 75 6e 22 2c 22 46 65 61 74 75 72 65 22 3a 22 43 48 53 65 61 72 63 68 53 65 74 22 2c 22 41 63 74 69 6f 6e 22 3a 6e 75 6c 6c 2c 22 53 74 61 74 75 73 22 3a 22 53 74 61 72 74 22 2c 22 4d 65 73 73 61 67 65 22 3a 6e 75 6c 6c 2c 22 4f 66 66 65 72 54 65 6d 70 6c 61 74 65 22 3a 6e 75 6c 6c 2c 22 4f 66 66 65 72 4e 61 6d 65 22 3a 6e 75 6c 6c 2c 22 4f 66 66 65 72 4d 65 73 73 61 67 65 22 3a 6e 75 6c 6c 2c 22 55 49 22 3a 6e 75 6c 6c 2c 22 55 73 65 72 49 6e 70 75 74 22 3a 6e 75 6c 6c 2c 22 53 65 61 72 63 68 45 6e 67 69 6e 65 22 3a 6e 75 6c 6c 2c 22 45 78 74 65 6e 73 69 6f 6e 49 64 22 3a 6e 75 6c 6c 2c 22 43 72 69 74 65 72 69 61 22 3a 6e 75 6c 6c 2c 22 49 6e 73 74 61 6c 6c 44 61 74 65 22 3a
                                                  Data Ascii: {"Data": {"Trigger":"DailyRun","Feature":"CHSearchSet","Action":null,"Status":"Start","Message":null,"OfferTemplate":null,"OfferName":null,"OfferMessage":null,"UI":null,"UserInput":null,"SearchEngine":null,"ExtensionId":null,"Criteria":null,"InstallDate":
                                                  2024-07-22 10:52:13 UTC479INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:52:13 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: close
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e1474b491a03-EWR
                                                  2024-07-22 10:52:13 UTC35INData Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}
                                                  2024-07-22 10:52:13 UTC5INData Raw: 30 0d 0a 0d 0a
                                                  Data Ascii: 0


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  20192.168.2.849761104.16.149.1304437100C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-07-22 10:52:14 UTC162OUTPOST /v1/event-stat?Type=FeatureActionInfo&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 1052
                                                  2024-07-22 10:52:14 UTC1052OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 54 72 69 67 67 65 72 22 3a 22 44 61 69 6c 79 52 75 6e 22 2c 22 46 65 61 74 75 72 65 22 3a 22 43 48 53 65 61 72 63 68 53 65 74 22 2c 22 41 63 74 69 6f 6e 22 3a 22 45 6e 61 62 6c 65 53 65 61 72 63 68 53 65 74 43 68 72 6f 6d 65 22 2c 22 53 74 61 74 75 73 22 3a 22 4e 6f 74 45 6c 69 67 69 62 6c 65 22 2c 22 4d 65 73 73 61 67 65 22 3a 22 4f 75 72 53 65 61 72 63 68 20 66 61 69 6c 65 64 22 2c 22 4f 66 66 65 72 54 65 6d 70 6c 61 74 65 22 3a 6e 75 6c 6c 2c 22 4f 66 66 65 72 4e 61 6d 65 22 3a 6e 75 6c 6c 2c 22 4f 66 66 65 72 4d 65 73 73 61 67 65 22 3a 6e 75 6c 6c 2c 22 55 49 22 3a 6e 75 6c 6c 2c 22 55 73 65 72 49 6e 70 75 74 22 3a 6e 75 6c 6c 2c 22 53 65 61 72 63 68 45 6e 67 69 6e 65 22 3a 6e 75 6c 6c 2c 22 45 78 74 65 6e 73 69 6f 6e
                                                  Data Ascii: {"Data": {"Trigger":"DailyRun","Feature":"CHSearchSet","Action":"EnableSearchSetChrome","Status":"NotEligible","Message":"OurSearch failed","OfferTemplate":null,"OfferName":null,"OfferMessage":null,"UI":null,"UserInput":null,"SearchEngine":null,"Extension
                                                  2024-07-22 10:52:14 UTC479INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:52:14 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: close
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e14cdcf0434b-EWR
                                                  2024-07-22 10:52:14 UTC35INData Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}
                                                  2024-07-22 10:52:14 UTC5INData Raw: 30 0d 0a 0d 0a
                                                  Data Ascii: 0


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  21192.168.2.849762104.16.149.1304437100C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-07-22 10:52:14 UTC161OUTPOST /v1/event-stat?Type=FeatureActionInfo&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 509
                                                  2024-07-22 10:52:14 UTC509OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 54 72 69 67 67 65 72 22 3a 22 44 61 69 6c 79 52 75 6e 22 2c 22 46 65 61 74 75 72 65 22 3a 22 43 48 53 65 61 72 63 68 53 65 74 22 2c 22 41 63 74 69 6f 6e 22 3a 6e 75 6c 6c 2c 22 53 74 61 74 75 73 22 3a 22 43 6f 6d 70 6c 65 74 65 22 2c 22 4d 65 73 73 61 67 65 22 3a 6e 75 6c 6c 2c 22 4f 66 66 65 72 54 65 6d 70 6c 61 74 65 22 3a 6e 75 6c 6c 2c 22 4f 66 66 65 72 4e 61 6d 65 22 3a 6e 75 6c 6c 2c 22 4f 66 66 65 72 4d 65 73 73 61 67 65 22 3a 6e 75 6c 6c 2c 22 55 49 22 3a 6e 75 6c 6c 2c 22 55 73 65 72 49 6e 70 75 74 22 3a 6e 75 6c 6c 2c 22 53 65 61 72 63 68 45 6e 67 69 6e 65 22 3a 6e 75 6c 6c 2c 22 45 78 74 65 6e 73 69 6f 6e 49 64 22 3a 6e 75 6c 6c 2c 22 43 72 69 74 65 72 69 61 22 3a 6e 75 6c 6c 2c 22 49 6e 73 74 61 6c 6c 44 61 74
                                                  Data Ascii: {"Data": {"Trigger":"DailyRun","Feature":"CHSearchSet","Action":null,"Status":"Complete","Message":null,"OfferTemplate":null,"OfferName":null,"OfferMessage":null,"UI":null,"UserInput":null,"SearchEngine":null,"ExtensionId":null,"Criteria":null,"InstallDat
                                                  2024-07-22 10:52:15 UTC479INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:52:14 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: close
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e1512fa743c4-EWR
                                                  2024-07-22 10:52:15 UTC35INData Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}
                                                  2024-07-22 10:52:15 UTC5INData Raw: 30 0d 0a 0d 0a
                                                  Data Ascii: 0


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  22192.168.2.849763104.16.149.1304437100C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-07-22 10:52:15 UTC161OUTPOST /v1/event-stat?Type=FeatureActionInfo&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 504
                                                  2024-07-22 10:52:15 UTC504OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 54 72 69 67 67 65 72 22 3a 22 44 61 69 6c 79 52 75 6e 22 2c 22 46 65 61 74 75 72 65 22 3a 22 53 65 61 72 63 68 53 65 74 22 2c 22 41 63 74 69 6f 6e 22 3a 6e 75 6c 6c 2c 22 53 74 61 74 75 73 22 3a 22 53 74 61 72 74 22 2c 22 4d 65 73 73 61 67 65 22 3a 6e 75 6c 6c 2c 22 4f 66 66 65 72 54 65 6d 70 6c 61 74 65 22 3a 6e 75 6c 6c 2c 22 4f 66 66 65 72 4e 61 6d 65 22 3a 6e 75 6c 6c 2c 22 4f 66 66 65 72 4d 65 73 73 61 67 65 22 3a 6e 75 6c 6c 2c 22 55 49 22 3a 6e 75 6c 6c 2c 22 55 73 65 72 49 6e 70 75 74 22 3a 6e 75 6c 6c 2c 22 53 65 61 72 63 68 45 6e 67 69 6e 65 22 3a 6e 75 6c 6c 2c 22 45 78 74 65 6e 73 69 6f 6e 49 64 22 3a 6e 75 6c 6c 2c 22 43 72 69 74 65 72 69 61 22 3a 6e 75 6c 6c 2c 22 49 6e 73 74 61 6c 6c 44 61 74 65 22 3a 22 32
                                                  Data Ascii: {"Data": {"Trigger":"DailyRun","Feature":"SearchSet","Action":null,"Status":"Start","Message":null,"OfferTemplate":null,"OfferName":null,"OfferMessage":null,"UI":null,"UserInput":null,"SearchEngine":null,"ExtensionId":null,"Criteria":null,"InstallDate":"2
                                                  2024-07-22 10:52:15 UTC479INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:52:15 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: close
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e1562aa4178c-EWR
                                                  2024-07-22 10:52:15 UTC35INData Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}
                                                  2024-07-22 10:52:15 UTC5INData Raw: 30 0d 0a 0d 0a
                                                  Data Ascii: 0


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  23192.168.2.849764104.16.149.1304437100C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-07-22 10:52:16 UTC162OUTPOST /v1/event-stat?Type=FeatureActionInfo&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 1225
                                                  2024-07-22 10:52:16 UTC1225OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 54 72 69 67 67 65 72 22 3a 22 44 61 69 6c 79 52 75 6e 22 2c 22 46 65 61 74 75 72 65 22 3a 22 53 65 61 72 63 68 53 65 74 22 2c 22 41 63 74 69 6f 6e 22 3a 22 45 6e 61 62 6c 65 53 65 61 72 63 68 53 65 74 43 68 72 6f 6d 65 22 2c 22 53 74 61 74 75 73 22 3a 22 45 6c 69 67 69 62 6c 65 22 2c 22 4d 65 73 73 61 67 65 22 3a 6e 75 6c 6c 2c 22 4f 66 66 65 72 54 65 6d 70 6c 61 74 65 22 3a 6e 75 6c 6c 2c 22 4f 66 66 65 72 4e 61 6d 65 22 3a 6e 75 6c 6c 2c 22 4f 66 66 65 72 4d 65 73 73 61 67 65 22 3a 6e 75 6c 6c 2c 22 55 49 22 3a 6e 75 6c 6c 2c 22 55 73 65 72 49 6e 70 75 74 22 3a 6e 75 6c 6c 2c 22 53 65 61 72 63 68 45 6e 67 69 6e 65 22 3a 6e 75 6c 6c 2c 22 45 78 74 65 6e 73 69 6f 6e 49 64 22 3a 6e 75 6c 6c 2c 22 43 72 69 74 65 72 69 61 22
                                                  Data Ascii: {"Data": {"Trigger":"DailyRun","Feature":"SearchSet","Action":"EnableSearchSetChrome","Status":"Eligible","Message":null,"OfferTemplate":null,"OfferName":null,"OfferMessage":null,"UI":null,"UserInput":null,"SearchEngine":null,"ExtensionId":null,"Criteria"
                                                  2024-07-22 10:52:16 UTC479INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:52:16 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: close
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e15c3ead41a9-EWR
                                                  2024-07-22 10:52:16 UTC35INData Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}
                                                  2024-07-22 10:52:16 UTC5INData Raw: 30 0d 0a 0d 0a
                                                  Data Ascii: 0


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  24192.168.2.849765104.16.149.1304437100C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-07-22 10:52:17 UTC154OUTPOST /v1/event-stat?Type=DialogShow&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 352
                                                  2024-07-22 10:52:17 UTC352OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 46 65 61 74 75 72 65 22 3a 22 53 65 61 72 63 68 53 65 74 22 2c 22 53 74 61 74 75 73 22 3a 22 50 72 65 53 68 6f 77 22 2c 22 49 73 54 68 72 65 61 64 22 3a 66 61 6c 73 65 2c 22 49 73 41 63 63 65 70 74 65 64 22 3a 66 61 6c 73 65 2c 22 49 6e 73 74 61 6c 6c 44 61 74 65 22 3a 22 32 30 32 34 2d 30 37 2d 32 32 54 30 30 3a 30 30 3a 30 30 22 2c 22 49 6e 73 74 61 6c 6c 49 64 22 3a 22 62 38 65 31 64 30 62 30 2d 62 31 34 38 2d 34 36 32 64 2d 38 32 38 34 2d 39 34 65 63 30 37 34 35 62 33 62 34 22 2c 22 4c 61 6e 67 75 61 67 65 22 3a 22 65 6e 2d 55 53 22 2c 22 4d 61 63 68 69 6e 65 49 64 22 3a 22 66 64 64 34 32 65 65 31 2d 38 38 65 39 2d 33 31 34 33 2d 37 66 34 66 2d 62 65 32 63 30 39 36 31 31 36 39 38 22 2c 22 4f 73 56 65 72 73 69 6f 6e 22
                                                  Data Ascii: {"Data": {"Feature":"SearchSet","Status":"PreShow","IsThread":false,"IsAccepted":false,"InstallDate":"2024-07-22T00:00:00","InstallId":"b8e1d0b0-b148-462d-8284-94ec0745b3b4","Language":"en-US","MachineId":"fdd42ee1-88e9-3143-7f4f-be2c09611698","OsVersion"
                                                  2024-07-22 10:52:17 UTC479INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:52:17 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: close
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e160cf6e6a5c-EWR
                                                  2024-07-22 10:52:17 UTC35INData Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}
                                                  2024-07-22 10:52:17 UTC5INData Raw: 30 0d 0a 0d 0a
                                                  Data Ascii: 0


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  25192.168.2.849766104.16.149.1304437100C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-07-22 10:52:18 UTC154OUTPOST /v1/event-stat?Type=DialogShow&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 353
                                                  2024-07-22 10:52:18 UTC353OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 46 65 61 74 75 72 65 22 3a 22 53 65 61 72 63 68 53 65 74 22 2c 22 53 74 61 74 75 73 22 3a 22 50 6f 73 74 53 68 6f 77 22 2c 22 49 73 54 68 72 65 61 64 22 3a 66 61 6c 73 65 2c 22 49 73 41 63 63 65 70 74 65 64 22 3a 66 61 6c 73 65 2c 22 49 6e 73 74 61 6c 6c 44 61 74 65 22 3a 22 32 30 32 34 2d 30 37 2d 32 32 54 30 30 3a 30 30 3a 30 30 22 2c 22 49 6e 73 74 61 6c 6c 49 64 22 3a 22 62 38 65 31 64 30 62 30 2d 62 31 34 38 2d 34 36 32 64 2d 38 32 38 34 2d 39 34 65 63 30 37 34 35 62 33 62 34 22 2c 22 4c 61 6e 67 75 61 67 65 22 3a 22 65 6e 2d 55 53 22 2c 22 4d 61 63 68 69 6e 65 49 64 22 3a 22 66 64 64 34 32 65 65 31 2d 38 38 65 39 2d 33 31 34 33 2d 37 66 34 66 2d 62 65 32 63 30 39 36 31 31 36 39 38 22 2c 22 4f 73 56 65 72 73 69 6f 6e
                                                  Data Ascii: {"Data": {"Feature":"SearchSet","Status":"PostShow","IsThread":false,"IsAccepted":false,"InstallDate":"2024-07-22T00:00:00","InstallId":"b8e1d0b0-b148-462d-8284-94ec0745b3b4","Language":"en-US","MachineId":"fdd42ee1-88e9-3143-7f4f-be2c09611698","OsVersion
                                                  2024-07-22 10:52:18 UTC479INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:52:18 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: close
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e16559bf0caa-EWR
                                                  2024-07-22 10:52:18 UTC35INData Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}
                                                  2024-07-22 10:52:18 UTC5INData Raw: 30 0d 0a 0d 0a
                                                  Data Ascii: 0


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  26192.168.2.849767104.16.149.1304437100C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-07-22 10:52:20 UTC150OUTPOST /v1/event-stat?Type=UIOpen&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 304
                                                  2024-07-22 10:52:20 UTC304OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 53 65 73 73 69 6f 6e 22 3a 31 2c 22 54 72 69 67 67 65 72 22 3a 22 55 73 65 72 22 2c 22 49 6e 73 74 61 6c 6c 44 61 74 65 22 3a 22 32 30 32 34 2d 30 37 2d 32 32 54 30 30 3a 30 30 3a 30 30 22 2c 22 49 6e 73 74 61 6c 6c 49 64 22 3a 22 62 38 65 31 64 30 62 30 2d 62 31 34 38 2d 34 36 32 64 2d 38 32 38 34 2d 39 34 65 63 30 37 34 35 62 33 62 34 22 2c 22 4c 61 6e 67 75 61 67 65 22 3a 22 65 6e 2d 55 53 22 2c 22 4d 61 63 68 69 6e 65 49 64 22 3a 22 66 64 64 34 32 65 65 31 2d 38 38 65 39 2d 33 31 34 33 2d 37 66 34 66 2d 62 65 32 63 30 39 36 31 31 36 39 38 22 2c 22 4f 73 56 65 72 73 69 6f 6e 22 3a 22 4d 69 63 72 6f 73 6f 66 74 20 57 69 6e 64 6f 77 73 20 31 30 20 50 72 6f 22 2c 22 50 61 72 74 6e 65 72 49 64 22 3a 22 46 5a 32 31 30 34 32
                                                  Data Ascii: {"Data": {"Session":1,"Trigger":"User","InstallDate":"2024-07-22T00:00:00","InstallId":"b8e1d0b0-b148-462d-8284-94ec0745b3b4","Language":"en-US","MachineId":"fdd42ee1-88e9-3143-7f4f-be2c09611698","OsVersion":"Microsoft Windows 10 Pro","PartnerId":"FZ21042
                                                  2024-07-22 10:52:21 UTC479INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:52:21 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: close
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e175cb1a42f5-EWR
                                                  2024-07-22 10:52:21 UTC35INData Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}
                                                  2024-07-22 10:52:21 UTC5INData Raw: 30 0d 0a 0d 0a
                                                  Data Ascii: 0


                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                  27192.168.2.849770104.16.149.130443
                                                  TimestampBytes transferredDirectionData
                                                  2024-07-22 10:53:28 UTC174OUTPOST /v1/event-stat?Type=Launch&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 308
                                                  Connection: Keep-Alive
                                                  2024-07-22 10:53:28 UTC308OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 53 74 61 72 74 54 72 69 67 67 65 72 22 3a 22 49 6e 73 74 61 6c 6c 46 69 72 73 74 52 75 6e 22 2c 22 49 6e 73 74 61 6c 6c 44 61 74 65 22 3a 22 32 30 32 34 2d 30 37 2d 32 32 54 30 30 3a 30 30 3a 30 30 22 2c 22 49 6e 73 74 61 6c 6c 49 64 22 3a 22 62 38 65 31 64 30 62 30 2d 62 31 34 38 2d 34 36 32 64 2d 38 32 38 34 2d 39 34 65 63 30 37 34 35 62 33 62 34 22 2c 22 4c 61 6e 67 75 61 67 65 22 3a 22 65 6e 2d 55 53 22 2c 22 4d 61 63 68 69 6e 65 49 64 22 3a 22 66 64 64 34 32 65 65 31 2d 38 38 65 39 2d 33 31 34 33 2d 37 66 34 66 2d 62 65 32 63 30 39 36 31 31 36 39 38 22 2c 22 4f 73 56 65 72 73 69 6f 6e 22 3a 22 4d 69 63 72 6f 73 6f 66 74 20 57 69 6e 64 6f 77 73 20 31 30 20 50 72 6f 22 2c 22 50 61 72 74 6e 65 72 49 64 22 3a 22 46 5a 32
                                                  Data Ascii: {"Data": {"StartTrigger":"InstallFirstRun","InstallDate":"2024-07-22T00:00:00","InstallId":"b8e1d0b0-b148-462d-8284-94ec0745b3b4","Language":"en-US","MachineId":"fdd42ee1-88e9-3143-7f4f-be2c09611698","OsVersion":"Microsoft Windows 10 Pro","PartnerId":"FZ2
                                                  2024-07-22 10:53:29 UTC479INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:53:29 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: close
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e31feef918ee-EWR
                                                  2024-07-22 10:53:29 UTC35INData Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}
                                                  2024-07-22 10:53:29 UTC5INData Raw: 30 0d 0a 0d 0a
                                                  Data Ascii: 0


                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                  28192.168.2.849775104.16.149.130443
                                                  TimestampBytes transferredDirectionData
                                                  2024-07-22 10:53:34 UTC174OUTPOST /v1/event-stat?Type=UIOpen&ProductID=wc&EventVersion=1 HTTP/1.1
                                                  Content-Type: application/json
                                                  Host: flow.lavasoft.com
                                                  Content-Length: 304
                                                  Connection: Keep-Alive
                                                  2024-07-22 10:53:34 UTC304OUTData Raw: 7b 22 44 61 74 61 22 3a 20 7b 22 53 65 73 73 69 6f 6e 22 3a 32 2c 22 54 72 69 67 67 65 72 22 3a 22 55 73 65 72 22 2c 22 49 6e 73 74 61 6c 6c 44 61 74 65 22 3a 22 32 30 32 34 2d 30 37 2d 32 32 54 30 30 3a 30 30 3a 30 30 22 2c 22 49 6e 73 74 61 6c 6c 49 64 22 3a 22 62 38 65 31 64 30 62 30 2d 62 31 34 38 2d 34 36 32 64 2d 38 32 38 34 2d 39 34 65 63 30 37 34 35 62 33 62 34 22 2c 22 4c 61 6e 67 75 61 67 65 22 3a 22 65 6e 2d 55 53 22 2c 22 4d 61 63 68 69 6e 65 49 64 22 3a 22 66 64 64 34 32 65 65 31 2d 38 38 65 39 2d 33 31 34 33 2d 37 66 34 66 2d 62 65 32 63 30 39 36 31 31 36 39 38 22 2c 22 4f 73 56 65 72 73 69 6f 6e 22 3a 22 4d 69 63 72 6f 73 6f 66 74 20 57 69 6e 64 6f 77 73 20 31 30 20 50 72 6f 22 2c 22 50 61 72 74 6e 65 72 49 64 22 3a 22 46 5a 32 31 30 34 32
                                                  Data Ascii: {"Data": {"Session":2,"Trigger":"User","InstallDate":"2024-07-22T00:00:00","InstallId":"b8e1d0b0-b148-462d-8284-94ec0745b3b4","Language":"en-US","MachineId":"fdd42ee1-88e9-3143-7f4f-be2c09611698","OsVersion":"Microsoft Windows 10 Pro","PartnerId":"FZ21042
                                                  2024-07-22 10:53:34 UTC479INHTTP/1.1 200 OK
                                                  Date: Mon, 22 Jul 2024 10:53:34 GMT
                                                  Content-Type: application/json; charset=utf-8
                                                  Transfer-Encoding: chunked
                                                  Connection: close
                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                  Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Access-Control-Allow-Origin
                                                  Access-Control-Expose-Headers: Content-Length,Content-Range
                                                  CF-Cache-Status: DYNAMIC
                                                  Server: cloudflare
                                                  CF-RAY: 8a72e33ffc808c8f-EWR
                                                  2024-07-22 10:53:34 UTC35INData Raw: 31 64 0d 0a 7b 22 6d 65 73 73 61 67 65 22 3a 22 45 76 65 6e 74 20 70 65 72 73 69 73 74 65 64 22 7d 0d 0a
                                                  Data Ascii: 1d{"message":"Event persisted"}
                                                  2024-07-22 10:53:34 UTC5INData Raw: 30 0d 0a 0d 0a
                                                  Data Ascii: 0


                                                  Statistics

                                                  CPU Usage

                                                  Click to jump to process

                                                  Memory Usage

                                                  Click to jump to process

                                                  High Level Behavior Distribution

                                                  Click to dive into process behavior distribution

                                                  Behavior

                                                  Click to jump to process

                                                  System Behavior

                                                  General

                                                  Target ID:0
                                                  Start time:06:50:13
                                                  Start date:22/07/2024
                                                  Path:C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exe
                                                  Wow64 process (32bit):true
                                                  Commandline:"C:\Users\user\Desktop\FileZilla_3.67.1_win64_sponsored-setup.exe"
                                                  Imagebase:0x400000
                                                  File size:12'417'936 bytes
                                                  MD5 hash:AC97E64C3E2E865C50155DFDFFE5428A
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Reputation:low
                                                  Has exited:true

                                                  General

                                                  Target ID:4
                                                  Start time:06:50:36
                                                  Start date:22/07/2024
                                                  Path:C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exe
                                                  Wow64 process (32bit):true
                                                  Commandline:"C:\Users\user\AppData\Local\Temp\nsmA292.tmp\WcInstaller.exe" --silent --partner=FZ210427 --searchenbl
                                                  Imagebase:0x400000
                                                  File size:565'920 bytes
                                                  MD5 hash:CA94290A5FB89E0AAACBF01585718B17
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Reputation:low
                                                  Has exited:false

                                                  General

                                                  Target ID:5
                                                  Start time:06:50:36
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\System32\svchost.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:C:\Windows\System32\svchost.exe -k WerSvcGroup
                                                  Imagebase:0x7ff67e6d0000
                                                  File size:55'320 bytes
                                                  MD5 hash:B7F884C1B74A263F746EE12A5F7C9F6A
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Reputation:high
                                                  Has exited:false

                                                  General

                                                  Target ID:6
                                                  Start time:06:50:36
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\SysWOW64\WerFault.exe
                                                  Wow64 process (32bit):true
                                                  Commandline:C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 2168 -ip 2168
                                                  Imagebase:0x9d0000
                                                  File size:483'680 bytes
                                                  MD5 hash:C31336C1EFC2CCB44B4326EA793040F2
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Reputation:high
                                                  Has exited:true

                                                  General

                                                  Target ID:7
                                                  Start time:06:50:36
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\SysWOW64\WerFault.exe
                                                  Wow64 process (32bit):true
                                                  Commandline:C:\Windows\SysWOW64\WerFault.exe -u -p 2168 -s 2464
                                                  Imagebase:0x9d0000
                                                  File size:483'680 bytes
                                                  MD5 hash:C31336C1EFC2CCB44B4326EA793040F2
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Reputation:high
                                                  Has exited:true

                                                  General

                                                  Target ID:8
                                                  Start time:06:50:36
                                                  Start date:22/07/2024
                                                  Path:C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe
                                                  Wow64 process (32bit):true
                                                  Commandline:.\WebCompanionInstaller.exe --partner=FZ210427 --version=9.1.0.993 --silent --partner=FZ210427 --searchenbl
                                                  Imagebase:0xdd0000
                                                  File size:468'184 bytes
                                                  MD5 hash:80619C0E2165AB0C217D4355461DA07D
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Yara matches:
                                                  • Rule: JoeSecurity_GenericDownloader_1, Description: Yara detected Generic Downloader, Source: C:\Users\user\AppData\Local\Temp\7zS46E8489B\WebCompanionInstaller.exe, Author: Joe Security
                                                  Reputation:low
                                                  Has exited:false

                                                  General

                                                  Target ID:9
                                                  Start time:06:50:37
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\System32\svchost.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:C:\Windows\system32\svchost.exe -k netsvcs -p -s wlidsvc
                                                  Imagebase:0x7ff67e6d0000
                                                  File size:55'320 bytes
                                                  MD5 hash:B7F884C1B74A263F746EE12A5F7C9F6A
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Reputation:high
                                                  Has exited:false

                                                  General

                                                  Target ID:10
                                                  Start time:06:50:52
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\SysWOW64\WerFault.exe
                                                  Wow64 process (32bit):true
                                                  Commandline:C:\Windows\SysWOW64\WerFault.exe -pss -s 532 -p 2168 -ip 2168
                                                  Imagebase:0x9d0000
                                                  File size:483'680 bytes
                                                  MD5 hash:C31336C1EFC2CCB44B4326EA793040F2
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Reputation:high
                                                  Has exited:true

                                                  General

                                                  Target ID:11
                                                  Start time:06:50:53
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\SysWOW64\WerFault.exe
                                                  Wow64 process (32bit):true
                                                  Commandline:C:\Windows\SysWOW64\WerFault.exe -u -p 2168 -s 2596
                                                  Imagebase:0x9d0000
                                                  File size:483'680 bytes
                                                  MD5 hash:C31336C1EFC2CCB44B4326EA793040F2
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Reputation:high
                                                  Has exited:true

                                                  General

                                                  Target ID:12
                                                  Start time:06:50:54
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\SysWOW64\sc.exe
                                                  Wow64 process (32bit):true
                                                  Commandline:"sc.exe" Create "WCAssistantService" binPath= "C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe" DisplayName= "WC Assistant" start= auto
                                                  Imagebase:0xae0000
                                                  File size:61'440 bytes
                                                  MD5 hash:D9D7684B8431A0D10D0E76FE9F5FFEC8
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Reputation:moderate
                                                  Has exited:true

                                                  General

                                                  Target ID:13
                                                  Start time:06:50:54
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\System32\conhost.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                  Imagebase:0x7ff6ee680000
                                                  File size:862'208 bytes
                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Reputation:high
                                                  Has exited:true

                                                  General

                                                  Target ID:14
                                                  Start time:06:50:55
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\SysWOW64\sc.exe
                                                  Wow64 process (32bit):true
                                                  Commandline:"sc.exe" failure WCAssistantService reset= 30 actions= restart/60000
                                                  Imagebase:0xae0000
                                                  File size:61'440 bytes
                                                  MD5 hash:D9D7684B8431A0D10D0E76FE9F5FFEC8
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:15
                                                  Start time:06:50:55
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\System32\conhost.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                  Imagebase:0x7ff6ee680000
                                                  File size:862'208 bytes
                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:16
                                                  Start time:06:50:55
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\SysWOW64\sc.exe
                                                  Wow64 process (32bit):true
                                                  Commandline:"sc.exe" description "WCAssistantService" "Ad-Aware Web Companion Internet security service"
                                                  Imagebase:0xae0000
                                                  File size:61'440 bytes
                                                  MD5 hash:D9D7684B8431A0D10D0E76FE9F5FFEC8
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:17
                                                  Start time:06:50:55
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\System32\conhost.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                  Imagebase:0x7ff6ee680000
                                                  File size:862'208 bytes
                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:20
                                                  Start time:06:50:58
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\System32\svchost.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:C:\Windows\System32\svchost.exe -k LocalService -p -s LicenseManager
                                                  Imagebase:0x7ff67e6d0000
                                                  File size:55'320 bytes
                                                  MD5 hash:B7F884C1B74A263F746EE12A5F7C9F6A
                                                  Has elevated privileges:true
                                                  Has administrator privileges:false
                                                  Programmed in:C, C++ or other language
                                                  Has exited:false

                                                  General

                                                  Target ID:21
                                                  Start time:06:51:15
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\System32\rundll32.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:"C:\Windows\sysnative\RunDLL32.Exe" syssetup,SetupInfObjectInstallAction BootInstall 128 C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bddci.inf
                                                  Imagebase:0x7ff60c9c0000
                                                  File size:71'680 bytes
                                                  MD5 hash:EF3179D498793BF4234F708D3BE28633
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:22
                                                  Start time:06:51:16
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\System32\runonce.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:"C:\Windows\system32\runonce.exe" -r
                                                  Imagebase:0x7ff6e56b0000
                                                  File size:61'952 bytes
                                                  MD5 hash:9ADEF025B168447C1E8514D919CB5DC0
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:23
                                                  Start time:06:51:17
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\System32\grpconv.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:"C:\Windows\System32\grpconv.exe" -o
                                                  Imagebase:0x7ff70e310000
                                                  File size:52'736 bytes
                                                  MD5 hash:8531882ACC33CB4BDC11B305A01581CE
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:25
                                                  Start time:06:51:26
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\System32\net.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:"C:\Windows\sysnative\net.exe" start bddci
                                                  Imagebase:0x7ff74d190000
                                                  File size:59'904 bytes
                                                  MD5 hash:0BD94A338EEA5A4E1F2830AE326E6D19
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:26
                                                  Start time:06:51:26
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\SysWOW64\sc.exe
                                                  Wow64 process (32bit):true
                                                  Commandline:"sc.exe" Create "DCIService" binPath= "C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe" DisplayName= "DCIService" start= auto
                                                  Imagebase:0xae0000
                                                  File size:61'440 bytes
                                                  MD5 hash:D9D7684B8431A0D10D0E76FE9F5FFEC8
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:27
                                                  Start time:06:51:26
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\System32\conhost.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                  Imagebase:0x7ff6ee680000
                                                  File size:862'208 bytes
                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:28
                                                  Start time:06:51:26
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\System32\conhost.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                  Imagebase:0x7ff6ee680000
                                                  File size:862'208 bytes
                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:29
                                                  Start time:06:51:26
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\SysWOW64\WerFault.exe
                                                  Wow64 process (32bit):true
                                                  Commandline:C:\Windows\SysWOW64\WerFault.exe -pss -s 492 -p 2168 -ip 2168
                                                  Imagebase:0x9d0000
                                                  File size:483'680 bytes
                                                  MD5 hash:C31336C1EFC2CCB44B4326EA793040F2
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:30
                                                  Start time:06:51:26
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\System32\net1.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:C:\Windows\system32\net1 start bddci
                                                  Imagebase:0x7ff66fba0000
                                                  File size:183'808 bytes
                                                  MD5 hash:55693DF2BB3CBE2899DFDDF18B4EB8C9
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:31
                                                  Start time:06:51:26
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\SysWOW64\WerFault.exe
                                                  Wow64 process (32bit):true
                                                  Commandline:C:\Windows\SysWOW64\WerFault.exe -u -p 2168 -s 1192
                                                  Imagebase:0x9d0000
                                                  File size:483'680 bytes
                                                  MD5 hash:C31336C1EFC2CCB44B4326EA793040F2
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:32
                                                  Start time:06:51:36
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\SysWOW64\sc.exe
                                                  Wow64 process (32bit):true
                                                  Commandline:"sc.exe" description "DCIService" "Webprotection Bridge service"
                                                  Imagebase:0xae0000
                                                  File size:61'440 bytes
                                                  MD5 hash:D9D7684B8431A0D10D0E76FE9F5FFEC8
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:33
                                                  Start time:06:51:36
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\System32\conhost.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                  Imagebase:0x7ff6ee680000
                                                  File size:862'208 bytes
                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:34
                                                  Start time:06:51:36
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\SysWOW64\cmd.exe
                                                  Wow64 process (32bit):true
                                                  Commandline:"C:\Windows\System32\cmd.exe" /C "C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bridge_start.cmd"
                                                  Imagebase:0xa40000
                                                  File size:236'544 bytes
                                                  MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:35
                                                  Start time:06:51:36
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\System32\conhost.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                  Imagebase:0x7ff6ee680000
                                                  File size:862'208 bytes
                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:36
                                                  Start time:06:51:37
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\SysWOW64\sc.exe
                                                  Wow64 process (32bit):true
                                                  Commandline:sc start DCIService
                                                  Imagebase:0xae0000
                                                  File size:61'440 bytes
                                                  MD5 hash:D9D7684B8431A0D10D0E76FE9F5FFEC8
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:37
                                                  Start time:06:51:37
                                                  Start date:22/07/2024
                                                  Path:C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:"C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe"
                                                  Imagebase:0x7ff663010000
                                                  File size:3'420'376 bytes
                                                  MD5 hash:3827CA1C0EC114A29BB576BEF431F070
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Has exited:false

                                                  General

                                                  Target ID:38
                                                  Start time:06:51:43
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\SysWOW64\cmd.exe
                                                  Wow64 process (32bit):true
                                                  Commandline:"C:\Windows\System32\cmd.exe" /C netsh http add urlacl url=http://+:9007/ user=Everyone
                                                  Imagebase:0xa40000
                                                  File size:236'544 bytes
                                                  MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:39
                                                  Start time:06:51:43
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\System32\conhost.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                  Imagebase:0x7ff6ee680000
                                                  File size:862'208 bytes
                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:40
                                                  Start time:06:51:43
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\SysWOW64\netsh.exe
                                                  Wow64 process (32bit):true
                                                  Commandline:netsh http add urlacl url=http://+:9007/ user=Everyone
                                                  Imagebase:0x15c0000
                                                  File size:82'432 bytes
                                                  MD5 hash:4E89A1A088BE715D6C946E55AB07C7DF
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:41
                                                  Start time:06:51:44
                                                  Start date:22/07/2024
                                                  Path:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  Wow64 process (32bit):true
                                                  Commandline:"C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" --silent --install --geo= --searchenbl
                                                  Imagebase:0x370000
                                                  File size:9'332'952 bytes
                                                  MD5 hash:11CE0FC17BFCDCCF929515BD90455BAF
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Yara matches:
                                                  • Rule: JoeSecurity_GenericDownloader_1, Description: Yara detected Generic Downloader, Source: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe, Author: Joe Security
                                                  Antivirus matches:
                                                  • Detection: 4%, ReversingLabs
                                                  Has exited:false

                                                  General

                                                  Target ID:42
                                                  Start time:06:51:49
                                                  Start date:22/07/2024
                                                  Path:C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:"C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe"
                                                  Imagebase:0xf40000
                                                  File size:27'864 bytes
                                                  MD5 hash:3442D7F43B57552DB02DD69C13F6E682
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Antivirus matches:
                                                  • Detection: 4%, ReversingLabs
                                                  Has exited:false

                                                  General

                                                  Target ID:45
                                                  Start time:06:51:52
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\System32\cmd.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:"C:\Windows\System32\cmd.exe" /C netsh http add urlacl url=http://+:9007/ user=Everyone
                                                  Imagebase:0x7ff71e9d0000
                                                  File size:289'792 bytes
                                                  MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:46
                                                  Start time:06:51:52
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\System32\conhost.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                  Imagebase:0x7ff6ee680000
                                                  File size:862'208 bytes
                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:47
                                                  Start time:06:51:52
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\System32\netsh.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:netsh http add urlacl url=http://+:9007/ user=Everyone
                                                  Imagebase:0x7ff702100000
                                                  File size:96'768 bytes
                                                  MD5 hash:6F1E6DD688818BC3D1391D0CC7D597EB
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:48
                                                  Start time:06:51:53
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
                                                  Wow64 process (32bit):true
                                                  Commandline:"C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\rrd1gvmr.cmdline"
                                                  Imagebase:0x400000
                                                  File size:80'296 bytes
                                                  MD5 hash:2B9482EB5D3AF71029277E18F6C656C0
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:49
                                                  Start time:06:51:53
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\System32\conhost.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                  Imagebase:0x7ff6ee680000
                                                  File size:862'208 bytes
                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:50
                                                  Start time:06:51:53
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
                                                  Wow64 process (32bit):true
                                                  Commandline:C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\user\AppData\Local\Temp\RES29AE.tmp" "c:\Users\user\AppData\Local\Temp\CSC299E.tmp"
                                                  Imagebase:0x400000
                                                  File size:35'296 bytes
                                                  MD5 hash:E118330B4629B12368D91B9DF6488BE0
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:51
                                                  Start time:06:51:56
                                                  Start date:22/07/2024
                                                  Path:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  Wow64 process (32bit):true
                                                  Commandline:"C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" --minimize
                                                  Imagebase:0x310000
                                                  File size:9'332'952 bytes
                                                  MD5 hash:11CE0FC17BFCDCCF929515BD90455BAF
                                                  Has elevated privileges:false
                                                  Has administrator privileges:false
                                                  Programmed in:C, C++ or other language
                                                  Has exited:false

                                                  General

                                                  Target ID:53
                                                  Start time:06:51:59
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
                                                  Wow64 process (32bit):true
                                                  Commandline:"C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\i6uwqyh0.cmdline"
                                                  Imagebase:0x400000
                                                  File size:80'296 bytes
                                                  MD5 hash:2B9482EB5D3AF71029277E18F6C656C0
                                                  Has elevated privileges:false
                                                  Has administrator privileges:false
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:54
                                                  Start time:06:51:59
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\System32\conhost.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                  Imagebase:0x7ff6ee680000
                                                  File size:862'208 bytes
                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                  Has elevated privileges:false
                                                  Has administrator privileges:false
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:55
                                                  Start time:06:51:59
                                                  Start date:22/07/2024
                                                  Path:C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
                                                  Wow64 process (32bit):true
                                                  Commandline:C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\user\AppData\Local\Temp\RES40C1.tmp" "c:\Users\user\AppData\Local\Temp\CSC40B0.tmp"
                                                  Imagebase:0x400000
                                                  File size:35'296 bytes
                                                  MD5 hash:E118330B4629B12368D91B9DF6488BE0
                                                  Has elevated privileges:false
                                                  Has administrator privileges:false
                                                  Programmed in:C, C++ or other language
                                                  Has exited:true

                                                  General

                                                  Target ID:56
                                                  Start time:06:52:04
                                                  Start date:22/07/2024
                                                  Path:C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                  Wow64 process (32bit):true
                                                  Commandline:"C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" --minimize
                                                  Imagebase:0x2a0000
                                                  File size:9'332'952 bytes
                                                  MD5 hash:11CE0FC17BFCDCCF929515BD90455BAF
                                                  Has elevated privileges:false
                                                  Has administrator privileges:false
                                                  Programmed in:C, C++ or other language
                                                  Has exited:false

                                                  Disassembly

                                                  No disassembly